Go  for  the  gold 
Enter  Network  World’s . . . 


►  Renovator  Award  competition,  which  win 

recognize  outstanding  network  projects 
and  honor  the  winners  at  a  celebration 
during  NetWorld+Interop.  See  page  14. 


►  And  our  New  Data  Center  awards, 

co-sponsored  by  AFCOM,  showcasing  excellence 
in  data  center  design  management  and  security. 
www.nwfusion.com,  DocFinder:  6132 
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Only  exceptional  students  are  selected  to  run  the  computer  systems 
lab  at  Thomas  Jefferson  High  School  for  Science  and  Technology. 


This  net  is  child’s  play 
for  elite  high  schoolers 

‘The  adults  don’t  know  how  this  stuff  works.' 

■  BY  CAROLYN  DUFFY  MARSAN 

ALEXANDRIA.VA. — They  love  Debian  Linux  but  not  Red 
Hat.They  tolerate  Windows  but  only  for  gaming.  And  one 
of  the  few  things  they  all  agree  on  is  that  they  hate  pro¬ 
gramming  in  Java. 

Meet  the  upperclassmen  at  Thomas  Jefferson  High  School  for 
Science  and  Technology,  the  nation’s  premier  technical  high 
school,  which  is  affectionately  known  asTJ.The  30  students 
who  hang  out  in  TJ’s  Computer  Systems  Lab  are  likely  to  be  the 
next  generation  of  computer  masterminds. 

“My  bedroom  sounds  like  a  machine  room.  I  have  nine  com¬ 
puters  in  there,”  says  John  Livingston,  a  17-year-old  senior  who 
spends  20  hours  a  week  volunteering  as  a  systems  administra¬ 
tor  for  TJ’s  Computer  Systems  Lab. 

For  fun,  Livingston  updates  the  40  workstations  in  the  lab, 
maintains  the  school’s  DNS  records  and  is  redesigning  a  pair  of 

See  School,  page  61 


IETF  leaders  urge 
detente  with  rivals 


■  BY  CAROLYN  DUFFY  MARSAN 

MINNEAPOLIS  —  The  IETF  is  scrambling  to  retain 
its  position  as  the  Internet’s  premier  standards- 
setting  body  in  the  face  of  declining  participation, 
increased  competition  from  other  standards  bodies 
and  overall  network  industry  consolidation. 

Last  week  at  a  meeting  in  Minneapolis,  the  IETF 
installed  a  new  leader  who  vowed  to  improve  the 
group’s  outreach  to  other  organizations,  includ¬ 
ing  the  International  Telecommunication  Union 
(ITU)  and  the  World  Wide  Web  Consortium 
(W3C),  two  rivals  that  are  sometimes  ridiculed  by 
IETF  participants. 


Brian  Carpenter,  a  distinguished  engineer  with 
IBM,  who  has  taken  over  as  IETF  chair,  told  the  group 
at  a  plenary  session  that  it  must  cooperate  with 
other  standards  bodies  to  remain  relevant. 

“If  we  listen  carefully  and  politely  to  each  other 
and  strive  to  play  a  win-win  game,  we  can  progress 
together^’ he  said.  “It’s  more  difficult  than  it  ever  has 
been  for  us  to  ignore  input  from  outside  sources.  We 
need  to  take  notice  of  what  other  people  think  of 
what  we  do.” 

Carpenter’s  remarks,  which  were  received  posi¬ 
tively  by  the  audience,  could  signal  big  changes 
ahead  for  the  fiercely  independent  IETF  If  the  IETF 

See  IETF,  page  16 


Risks  rise  as 
factory  nets 
go  wireless 

■  BY  PHIL  HOCHMUTH 

CHICAGO  —  Wireless  technol¬ 
ogies  for  harvesting  real-time 
data  off  factory  networks  —  and 
strategies  for  putting  such  infor¬ 
mation  to  use  —  were  hot  topics 
at  last  week’s  National  Manufac¬ 
turing  Week  conference. 

However,  some  manufacturing 
IT  professionals  highlighted  the 
risks  involved  in  deploying  wire¬ 
less  technology  in  factories,  or 
converging  plant  control  net¬ 
works  with  IT  systems  and  back- 
office  data  centers.  Others  voiced 
concerns  that  gleaning  too  much 
data  from  manufacturing  pro¬ 
cesses  could  complicate  rather 
than  streamline  a  manufacturing 
operation. 

“Manufacturers  are  getting 

See  Manufacturers,  page  60 
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Cisco’s  purchase  of  Airespace 
could  lead  to  a  surge  in  wireless 
LAN  rollouts,  especially  at  com¬ 
panies  that  were  reluctant  to  pay 
extra  for  Cisco  access  points 
but  were  hesitant  to  go  with  a 
lower-cost  start-up.  Page  40 


Inside  802.11i 

The  802.11i  standard  is  being 
touted  as  the  last  word  on 
wireless  security.  But  how  diffi¬ 
cult  is  it  to  set  up  802.11i?  Page  42 


When  Wi-Fi  meets  cellular 

Wouldn’t  it  be  nice  if 
your  cell  phone  could 
automatically  switch  over 
to  voice  overWi-Fi  as  you 
arrive  at  the  office? 

That  day  isn’t  far  off. 

Page  46 


ONLINE:  Wireless  Buyer’s 
Guide  Get  the  latest 
information  on  WLAN  gear, 
including  client  devices  and 
802.1  la/b/g  access  points. 
www.nwfusion.com, 
DocFinder:  6239. 
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FROM  YOUR  DESK,  A  WORM  WAS 
DETECTED,  QUARANTINED  AND 
ELIMINATED  BEFORE  ANYONE 
NOTICED  YOU  WERE  GONE. 


Cisco.  Cisco  Systems,  the  Cisco  Systems  logo  are  registered  trademarks  or  trademarks  of  Cisco  Systems,  Inc.  and/or  its  affiliates  in  the  US  and  certain  other  countries.  ©2004  Trend  Micro  Incorporated. 

Ail  nghts  reserved.  Trend  Micro  and  the  t-ball  logo  are  trademarks  or  registered  trademarks  of  Trend  Micro  Incorporated.  All  other  company  and/or  product  names  may  be  trademarks  or  registered  trademarks  of  their  owners. 


I 


I 


I 


Trend  Micro  and  Cisco  Systems —  working  together. 

Imagine  a  network  solution  so  advanced,  so  secure,  so  ingeniously  proactive, 

you  may  never  have  to  worry  about  an  outbreak  again. 

Find  out  more  at  www.trendmicro.com/cisco 
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■  17  Johnson  &  Johnson  tackles 
security  pain. 

■  17  Vendors  launch  innovative 
VoIP  gear. 

■  18  Kevin  Tolly:  Circumventing 
Microsoft. 
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Computing 

■  21  New  Wyse  CEO  touts  soft¬ 
ware  initiative  that  shifts  app  frag¬ 
ments  between  devices,  servers. 

■  21  Microsoft  set  to  launch  64-bit 
blitz. 

■  22  Symantec  rolls  out  back-up 
management  software. 

Application 

Services 
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services. 

■  26  Scott  Bradner: 

Unblocking  pipes. 

■  28  Special  Focus: 

Correlating  customer  service  with  IT 
intelligence. 
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■  51  Compliance  burdens. 
Regulatory  requirements  have  IT 
jumping  through  hoops  to  meet 
them,  although  these  mandates  are 
also  driving  bigger  security  budgets. 


Sharp's  new  3-D  LCD  notebook, 
the  Actius  AL3D.  Page  36. 
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TECHNOLOGY  INSIDER:  Wireless: 

Cisco's  purchase  of  Airespace  puts  a  stamp  of  approval  on  the  thin  access 
point/WLAN  switch  architecture  put  forth  by  Airespace,  Aruba,  Trapeze  and 
others.  Page  40. 

Inside  802.111: 

The  802.11i  standard  is  being  touted  as  the  last  word  on  wireless  security. 
But  it  might  also  mean  costly  equipment  upgrades  and  time-consuming 
deployments.  Is  802.11i  worth  the  trouble?  Page  42. 

When  Wi-Fi  meets  cellular: 

Wouldn't  it  be  nice  if  your  voice-over-Wi-Fi  call  automatically  kicked  over  to 
cellular  when  you  left  the  building?  That  day  is  coming.  Page  46. 

ONLINE:  Wireless  Buyer's  Guide 

Get  the  latest  information  on  WLAN  gear,  including  client  devices  and 
802.11a/b/g  access  points,  www.nwfusion.com,  DocFinder:  6239. 
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Network  World  Renovator  Award: 

Call  for  Entries 

Have  you  overhauled  your  network  and  realized  a  substantial 
return  on  the  investment,  discovered  a  significant  new  business 
opportunity  or  found  a  creative  way  to  leverage  technology?  If  so, 
get  in  the  running  for  Network  World's  new  Renovator  Award,  the 
top  winners  of  which  will  be  honored  at  a  celebration  in  fas  Vegas 
during  NetWorld+ Interop,  May  3-5.  DocFinder:  6093 

Call  for  Entries:  The  New  Data  Center 
Awards 

Network  World  and  AFGOM,  the  leading  association  for  data  center 
professionals,  have  teamed  to  honor  innovative  IT  managers  and 
cutting-edge  data  centers  with  our  New  Data  Center  Awards.  Enter 
by  March  18  for  the  following  honors:  Data  Center  Manager  of  the 
Year,  Data  Center  of  the  Year  and  Secure  Data  Center. 

DocFinder:  6132 

Case  studies 

Learn  best  practices  from  your  peers  to  make  the  most  of 
technology  and  better  your  business.  DocFinder:  6095 

Gearblog 

Popular  Network  World  columnist  Mark  Gibbs  comes  to  you  online 
with  Gearblog,  which  promises  "a  stream  of  geeky,  techie  stuff 
about  computers  and  networking."  DocFinder:  6133 

This  week  at  Network  Life:  The  Expert’s 
Guide  to  the  Connected  Home 

Every  day,  Network  Life  offers  everything  you  need  to  know  to 
keep  your  —  and  your  family's  and  friends’  —  home  network 
humming.  Get  the  latest  news,  opinions,  reviews,  how-tos  and 
more.  DocFinder:  4838 


Nutter’s  Help  Desk 

Remotely  turning  on/off  network  computers 

Help  Desk  Guru  Ron  Nutter  introduces  a  reader  to  Wake-On-LAN 

and  magic  packets. 

DocFinder:  6244 

Telework  Beat 

Telework  Recruiting  reflects  the  changing  at-home  work  market 
Net.Worker  Managing  Editor  Toni  Kistner  points  you  to  another 
good  source  for  telework  jobs. 

DocFinder:  6246 

Home  Base 

Managing  your  books  and  contacts,  Part  1 

Sandra  Gittlen  says  QuickBooks  Customer  Manager  helps  juggle 

multiple  projects  with  ease, 

DocFinder:  6247 

Small-Business  Tech 

Network  maintenance  for  spring 

Columnist  James  Gaskin  offers  steps  for  spring-cleaning  your 

networks,  desktops  and  Web  site. 

DocFinder:  6248 

Seminars  and  Events 

Remote  Office  Networking:  Bringing  the 
Enterprise  Together 

Attend  this  new  Technology  Tour  Event  and  Expo  packed  with 
immediate-impact  ideas,  information  and  options  that  will  reduce 
your  remote  office  costs,  increase  your  core  security  and  maxi¬ 
mize  your  management  efficiency.  Find  out  how  you  can  qualify  to 
attend  free.  DocFinder.  6249 
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BT  nabs  Reuters  contract 

■  BT  Group  inked  its  largest  outsourcing  contract  last  week, signing 
up  Reuters  with  a  deal  worth  about  $3  billion  over  the  next  eight 
and  a  half  years.  The  contract  includes  managing  secure-data  net¬ 
works  for  Reuters  around  the  world.  BT  says  that  this  pact  is  three 
times  larger  than  its  next-biggest  outsourcing  agreement  with 
Unilever.  The  contract  may  be  viewed  as  an  extension  of  BT  and 
Reuters’  existing  relationship.  In  October,  the  companies  an¬ 
nounced  BT’s  plans  to  acquire  Reuters’  financial  services  extranet 
provider  Radianz  for  $175  million.  BT  says  it  will  maintain  Radianz’s 
business  of  providing  services  to  the  financial  markets  and  Reuters. 
BT  has  been  busy  expanding  its  global  network  presence  in  the  last 
12  months  with  the  network  service  acquisitions  of  Italian  service 
provider  Albacom  and  multinational  service  provider  Infonet. 

Patent  reform  a  la  Microsoft 

■  Microsoft  executives  last  week  stepped  up  their  calls  for  reform  of  the  U.S.  patent  process, 
saying  the  U.S.  Patent  and  Trademark  Office  (USPTO)  too  often  focuses  on  quantity  instead 
of  quality  Microsoft  also  called  for  a  patent  system  that  is  more  accessible  to  small 
investors,  and  executives  recommended  that  Congress  end  patent-filing  fees  for  small 
companies,  nonprofit  groups,  universities  and  individual  inventors.  Microsoft  and  other 
high-technology  companies  have  pushed  Congress  to  end  the  diversion  of  patent  fees  from 
the  USPTO  to  the  government  general  budget,  saying  the  office  needs  more  funding  to 
evaluate  the  growing  number  of  patent  applications.  The  USPTO  receives  more  than 
350,000  patent  applications  per  year,  triple  the  number  it  received  20  years  ago.  Beyond 
Microsoft,  many  technology  companies  and  trade  groups  have  called  for  patent  reform 
over  the  years.  And  let’s  not  forget  Microsoft,  which  holds  about  4,500  patents  worldwide 
and  has  another  10,000  pending,  is  currently  battling  a  couple  of  patent  lawsuits. 

Lexis  Nexis  hack  continues  nasty  trend 

■  London-based  publisher  Reed  Elsevier,  the  parent  company  of  online  content  provider 
Lexis  Nexis,  last  week  acknowledged  that  personal  records  of  about  32,000  people  were 
fraudulently  accessed  by  hackers,  although  the  parent  company  declined  to  disclose  the 
exact  date  of  the  discovery  The  information  included  names,  addresses,  and  Social 
Security  and  driver’s  license  numbers,  but  not  credit  history  medical  records  or  financial 
information,  said  Reed  Elsevier,  which  intends  to  notify  those  affected  by  the  security 


“Welcome  to  Microsoft  Anti-Virus 
Professional  Edition.” 


Lee  Kasner  of  Tarpon 
Springs,  Fla.,  earns  top 
honors  this  week,  winning 
our  Weekly  Caption 
Contest  Kasner  is  the  first  recipient  of  one  of  our  exclusive  and 
much-sought-after  Layer  8  mousepads.  Enter  to  win  one  for  your¬ 
self  by  checking  back  each  week  for  the  start  of  a  new  contest. 
www.nwfusion.com/weblogs/layer8 
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TheGoodTheBadTheUgly 

The  right  message.  Harvard  Business  School  last  week  said  it  would 
reject  119  applicants  who  followed  instructions  posted  at  BusinessWeek  Online  to 
hack  into  Harvard’s  admissions  site.  "Our  mission  is  to  educate  principled  leaders 
who  make  a  difference  in  the  world,"  said  the  school's  dean  Kim  Clark.  "To  achieve 
that,  a  person  must  have  many  skills  and  qualities,  including  the  highest  standards 
of  integrity,  sound  judgment  and  a  strong  moral  compass  —  an  intuitive  sense  of 
what  is  right  and  wrong.  Those  who  have  hacked  into  this  Web  site  have  failed  to 
pass  that  test." 

Dr.  Whodunit?  The 

BBC  wants  to  know  how  a  new 
episode  of  the  British  sci-fi  series 
"Doctor  Who"  wound  up  on  the 
Internet  without  its  permission. 
Off  the  air  since  1989,  the  show 
is  set  to  return  to  TV  later 
this  month.  The  breach  is 
suspected  to  have 
occurred  within  the 
BBC's  broadcast 
partner;  the  Canadian 
Broadcast  Corp.  < 


The  price  of  failure.  Shareholders  have  filed  a  class-action  lawsuit 
against  ChoicePoint  and  its  top  executives  after  a  mqjor  security  debacle  involving 
identity  information  for  500,000  people  sent  the  data  warehouse  company's  stock 
tumbling  to  a  52-week  low  of  $37,  off  more  than  20%  from  its  Feb.  2  high  point. 


breach  to  watch  for  signs  of  identity  theft.The  disclosure  follows  that  of  rival  ChoiceFbint, 
which  last  month  said  thieves  grabbed  Social  Security  numbers  and  other  consumer  data 
(see  above). Also,  DSW  shoe  stores  said  last  week  that  a  hacker  stole  credit  card  and  other 
data  of  customers  at  103  of  its  175  stores  in  the  past  three  months. 

IBM  puts  Blue  Gene  on  tap 

■  IBM  is  making  its  Blue  Gene  supercomputer,  ranked  the  fastest  in  the  world,  available 
on  demand  so  that  high-performance  computing  customers  can  get  the  processing  power 
they  need  when  they  need  it  without  having  to  worry  about  high  upfront  costs  or  man¬ 
agement  headaches.  IBM  has  been  offering  supercomputing  on  demand  for  nearly  two 
years,  but  on  traditional  hardware  based  on  Xeon,  Opteron  and  Fbwer  processors.  End 
users  can  tap  into  Blue  Gene  to  run  Linux-based  workloads  via  a  dedicated  VPN  into  a 
new  Deep  Computing  Capacity  on  Demand  Center  in  Rochester,  Minn.,  where  Blue  Gene 
was  developed.  Blue  Gene  is  made  up  of  specially  designed  Fbwer-based  nodes  that 
include  only  a  processor  and  a  small  amount  of  memory  The  key  feature  of  Blue  Gene  is 
that  it  is  extremely  dense:  A  single  rack  includes  1,024  dual-processor  nodes  that  can 
reach  peak  performance  of  5.7  teraflops. 

Novell  unleashes  new  Linux  package 

■  Novell  announced  last  week  that  both  SuSE  Linux  Professional  9.3  and  Open  Enterprise 
Server  are  now  available.  SuSE  Linux  Professional  includes  a  Linux  operating  system  that 
uses  the  2.6.11  kernel,  more  than  3,000  open  source  applications  and  packages,  network 
capability  and  personal  productivity  applications  such  as  e-mail,  a  Web  browser  and  an 
office  suite. The  package  is  expected  to  be  available  in  mid-April. 
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v  No  wasted  capacity 
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Oracle  Grid 
It's  fast...  it's  cheap... 
and  it  never  breaks 


oracle.com/grid 
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Note:  'Never  breaks'  indicates  that  when  a  server  goes  down,  your  system  keeps  on  running. 
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Active  market  marks  wireless  show 
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Buying  air 

Spending  on  wireless  transport  services  in  the  U.S.  is 
expected  to  overtake  wireline  in  2007. 


U.S.  transport  services  (in  billions) 


■  BY  JIM  DUFFY  AND 
DENISE  PAPPALARDO 

Enterprise  network  profession¬ 
als  will  find  several  nuggets  at 
this  week’s  consumer-oriented 
CTIA  Wireless  2005  conference, 
which  convenes  in  New  Orleans 
during  a  period  of  dramatic 
industry  change. 

Since  the  last  CTIA,  Cingular 
bought  AT&T  Wireless  and  Sprint 
launched  its  bid  for  Nextel.  Sub¬ 
scribers  continue  to  mushroom, 
as  Ford  Motor  announced  re¬ 
cently  it  was  unwiring  8,000 
phones,  and  the  University  of 
Notre  Dame  said  cellular  use 
among  students  might  allow  it  to 
cap  3,000  dormitory  wall  jacks. 
And  the  migration  to  3G  looms. 

Maybe  that’s  why  attendance  at 
this  year’s  show  is  expected  to  be 
up  15%  from  last  year’s  35,000, 
according  to  officials  at  CTIA  — 
The  Wireless  Association.  The 
number  of  exhibitors  is  expect¬ 
ed  to  be  up  20%  over  last  year,  to 
1,000. 


“With  cellular,  consumer  capa¬ 
bilities  are  often  a  very  good  pre¬ 
amble  to  the  business  capabili¬ 
ties,”  says  Keith  Waryas,an  analyst 
at  IDC.The  early  adopters  of  all 
these  advanced  data  services  are 
business  users.  People  use  their 
phone  primarily  for  business 
purposes.” 

Key  conference  sessions  for 
business  users  will  focus  on  chal¬ 
lenges  in  internetworking  wire¬ 
less  voice  networks  with  next- 
generation  IP  infrastructures;  the 
impact  of  municipalities,  such  as 
Philadelphia,  offering  metropoli¬ 
tan  Wi-Fi  access;  and  potential  pit- 
falls  of  mobile  voice-over-Wi-Fi 
implementations. 

There’s  a  whole  day  of  ses¬ 
sions  devoted  to  Wi-Fi  VoIP  in¬ 
cluding  one  on  whether  users’ 
ability  to  access  certain  fea¬ 
tures  depends  on  which  carrier 
they  subscribe  to. 

“You’ll  see  some  of  the  first  Wi¬ 
Fi  and  wide-area  cellular  devices 
. . .  able  to  offer  some  converged 
services  that  leverage  broad¬ 


band  IP  networks  in  the  enter¬ 
prise  with  cellular  networks,” says 
Mark  Lowenstein,  managing 
director  of  consultancy  Mobile 
Ecosystem.  “Convergence  is  a 
pretty  important  theme  this  year 


with  the  growth  in  VoIP  and  all 
the  related  equipment  in  the 
enterprise.” 

Those  enterprise-class  devices 
will  be  BlackBerries,PDAs  and  IP 
PBXs.  IP  PBX  maker  Avaya  just 
last  week  announced  an  agree¬ 
ment  with  Nokia  to  add  full  busi¬ 
ness  VoIP  capabilities  to  Nokia’s 
cellular  mobile  devices,  and 
another  with  Symbian  to  add 
business  VoIP  to  Symbian’s  oper¬ 
ating  system  for  mobile  enter¬ 
prise  smart  phones. 

But  wireless  VoIP  won’t  be  the 
only  convergence  theme  at  the 
show.  Users  will  hear  vendor 
plans  to  support  the  IP  Multi- 
media  Subsystem  (IMS)  —  the 
architectural  blueprint  for  bridg¬ 
ing  IP-based  wireless  and  wire- 
line  networks  and  services  that 
support  integrated  voice/data/ 
video  applications. 

For  example,  Sun  plans  to  an¬ 
nounce  partnerships  with  a  line¬ 
up  of  IMS  application  develop¬ 
ers.  The  company  is  pledging 
product  development  support 
for  Sun’s  Netra  Advanced  Tele¬ 
com  Computing  Architecture 
blade  server  platform. 

“The  real  story  [of  CTIA]  could 
end  up  being  IMS,”  IDC’s  Waryas 
says.  “Convergence  between  net¬ 
works  —  landline  and  wireless 
—  is  going  to  probably  be  one  of 
the  hottest  issues  two  and  three 
years  out.” 

Currently,  corporate  users  are 
charged  separately  and  distinctly 
for  wireline  and  wireless  ser¬ 
vices,  even  if  they  are  from  the 
same  carrier,  Waryas  says.  Users 
typically  can’t  get  a  bundled  dis¬ 
count  price  or  seek  cost  advan¬ 
tages  from  number-of-users 


scale,  he  says. 

IMS  will  let  carriers  create  a  user 
interface  for  mobile  enterprise 
customers  from  which  they  can 
select  business  and  personal  con¬ 
tent  and  have  it  automatically 
billed  to  a  business  or  personal 
account. 

“It  simply  allocates  it  to  a  dif¬ 
ferent  spending  bucket  so  that 
can  go  onto  a  personal  credit 
card,  a  direct  bill,”  Waryas  says. 
Companies  “are  going  to  push 
back  and  say, ‘We’ll  consolidate 
accounts  and  buy  these  data 
plans,  but  we  don’t  want  this, 
this  and  this  going  over  the 
handsets.”’ 

Qualcomm  also  plans  to  unveil 
its  IMS  strategy  at  CTIA,  a  week 
after  announcing  that  Chairman 
and  CEO  Irwin  Jacobs  will  relin¬ 
quish  his  CEO  title  to  his  son, 
Paul  Jacobs.  The  elder  Jacobs 
will  remain  chairman. 

Other  major  CTIA  announce¬ 
ments  include: 

•  Sprint’s  launch  of  its 
Extended  Workplace  remote- 
access  platform,  which  offers 
business  users  a  secure  platform 
to  access  a  corporate  VPN  via 
Sprint’s  PCS  Vision  wireless  data 
service,  dial-up  or  Wi-Fi. 

Sprint  also  is  expected  to 
announce  the  first  wireless  data 
service-level  agreement  (SLA). 
Sprint’s  wireless  data  SLA  is  guar¬ 
anteeing  99.5%  network  availabil¬ 
ity  and  that  data  blocking  caused 
by  congestion  will  be  less  than 
2%,  and  drops  less  than  1%. 

One  drawback  is  that  users  are 
required  to  have  someone  inter¬ 
nally  manage  and  monitor  the 
SLA.  “It  requires  resources  that 
some  users  may  not  have,”  says 
Bob  Egan,  president  of  consult¬ 
ing  firm  Mobile  Competency. 

•  Start-up  FiberTower  will 
emerge  from  stealth  mode  at 
CTIA. 

Founded  four  years  ago, 
FiberTower  is  a  backhaul  ser¬ 
vices  company  competing  with 
the  local  exchange  carriers  as  a 
replacement  for  copper  T-l  back¬ 
haul  —  the  “weak  link"  in  wire¬ 
less  networks,  according  to  the 
company  FiberTower  has  nation¬ 
al  contracts  with  three  of  the  Big 
5  U.S.  wireless  operators. 

•  Verizon  Wireless  is  providing 
an  update  on  its  V  Cast  streaming 
media  service,  which  launched 
Feb.  1  .Verizon  Wireless  is  expect¬ 
ed  to  divulge  download  informa¬ 
tion  by  content  and  frequency, 
and  rank  handsets  that  perform 
best  with  the  service.  ■ 


Airespace  beta-tests  WLAN  gear 


■  BY  JOHN  COX 

WORCESTER,  MASS.  —  Cisco’s  pending  acquisi¬ 
tion  target,  Airespace,  has  begun  beta-testing  two 
products,  an  outdoor  wireless  mesh  node,  and  a 
high-end  wireless  LAN  switch,  according  to  several 
customers  (see  our  Technology  Insider,  page  40). 

The  mesh  node  will  be  Airespace’s  first  in  this 
increasingly  crowded  market  segment. 

In  a  mesh,  wireless  clients  are  routed  through 
nodes  that  are  themselves  wirelessly  linked  to  a 
gateway  that  connects  with  a  wired  network.  The 
mesh  extends  a  WLAN  over  larger  areas,  mini¬ 
mizes  Ethernet  cabling  and  provides  redundant 
pathways  for  WLAN  traffic. 

The  new  WLAN  switch  will  support  a  larger  num¬ 
ber  of  access  points  than  the  Airespace  4000 
model  or  the  company’s  4100  data  center  appli¬ 
ance,  customers  say. 

Customers  refer  to  Aire¬ 
space’s  mesh  node  as  the 
1300  and  the  new  switch  as 
the  4200.  It’s  unclear  whether 
Airespace  plans  to  ship  the 
products  before  the  acquisi¬ 
tion  deal  is  completed  by  the 
end  of  April. 

An  Airespace  executive 
says  the  company  does  not 
comment  on  unannounced 
products. 

The  new  products  already 
were  nearing  completion 
when  Cisco  announced  in 
January  that  it  planned  to 


buy  the  privately  held  company  for  $450  million. 
Cisco  hasn’t  yet  said  what  its  WLAN  product  strat¬ 
egy  will  be  in  the  wake  of  the  acquisition. 

Bridgewater  State  College  in  Massachusetts,  has 
begun  beta-testing  the  first  of  about  a  half-dozen 
outdoor  Airespace  nodes.  These  will  extend  the 
campus  WLAN,  based  on  Cisco’s  Aironet  access 
points,  into  open  areas  off  campus,  according  to 
college  IT  managers.  Some  details  of  the  outdoor 
product  were  unveiled  publicly  at  a  higher-educa¬ 
tion  technical  conference  last  week,  in  a  presen¬ 
tation  college  officials  said  had  been  cleared  by 
the  vendor. 

The  1300  outdoor  node  is  easy  to  mount  on  a 
light  pole  and  plug  into  a  streetlight’s  power  sup¬ 
ply, says  Michael  King,  technical  support  specialist 
with  the  college’s  Office  of  Telecommunications.  It 
takes  about  the  same  amount  of  power  as  a  30- 
watt  lightbulb,  he  says. 

The  node  has  two  radios: 
the  2.4-GHz  unit  connects 
with  standard  802.11b  and 
802.1  lg  client  devices;  the 
5.8-GHz  has  a  modified  ver¬ 
sion  of  the  802.11a  WLAN 
specification.  The  changes 
let  Airespace  run  it  at  up  to 
500  milliwatts,  far  above  a 
typical  office  or  home 
access  point’s  power  level  in 
the  30  to  50  milliwatt  range. 
The  2.4-GHz  radio  can  reach 
up  to  250  milliwatts. 

With  such  power,  WLAN 
See  Airespace,  page  10 
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VON  Spring  2005  goes  beyond  VoIP 

Key  to  VoIP’s  future  is  integrating  other  services. 


■  BY  TIM  GREENE 

SAN  JOSE  —  The  message  that 
VoIP  isn’t  just  about  voice  any¬ 
more  came  across  loud  and  clear 
at  the  VON  Spring  2005  show  in 
San  Jose  last  week,  where  indus¬ 
try  heavyweights  AT&T,  Microsoft, 
Nortel  and  AOL  discussed  how 


the  worlds  of  voice,  text  and 
video  are  converging. 

AT&T  Labs,  the  research  arm  of 
AT&T,  demonstrated  IP  phone 
capabilities  that  blend  conferenc¬ 
ing  and  auto-transcription  using 
speech-to-text  software,  some  of 
which  will  be  incorporated  in  a 
new  collaboration  service  to  be 


offered  this  fall. 

AT&T  Enhanced  VoIP  Con¬ 
troller,  some  of  the  features  of 
which  will  be  used  to  support  the 
service,  consists  of  desktop  and 
server  software  that  can  be  used 
to  set  up  and  support  conference 
calls.  Speech-to-text  software  tran¬ 
scribes  conversations  with  about 


85%  accuracy,  AT&T  says.This  can 
be  done  without  training  the  soft¬ 
ware  to  understand  individual 
speakers,  even  if  they  have 
accents  and  are  calling  on  bad 
connections. 

Enhanced  VoIP  Controller  can 
be  used  to  search  the  text  for  key 
words  so  users  can  find  the  part 
of  the  conference  they  want  and 
read  the  transcript.  The  software 
maps  the  text  to  the  audio  so 
users  can  click  to  hear  specific 
segments,  making  it  easy  to  verify 
content  for  accuracy 

While  calls  are  being  played 
back,  the  audio  can  be  displayed 
on  a  computer  screen  as  text, 
effectively  creating  closed  cap¬ 
tioning  of  the  conversation. 
Listeners  can  speed  up  or  slow 
down  the  replay  to  get  to  the 
parts  they  want. 

Also  playing  on  the  integration 
theme,  VON  keynote  speaker  Jim 
Dondero,  Nortel  vice  president  of 
wireline  and  optical  marketing, 
said  his  company  was  working 
with  Microsoft  to  integrate  Nortel’s 
Multimedia  PC  Client  with  Micro¬ 
soft’s  Communication  Server  (see 
related  story  page  12),  which  gives 
the  latter  voice  and  videoconfer¬ 
encing  capabilities.  Both  are 
based  on  Session  Initiation 
Protocol  (SIP)  signaling.“It  would 
be  foolish  to  think  any  one  ven¬ 
dor  could  do  all  this,”  Dondero 
said. 

AOL  used  the  show  to  an¬ 
nounce  VoIP  services  offerings  for 
its  broadband  customers  as  a 
bundle  with  Internet  access  and 
instant  messaging  (IM),  hinting 
there  would  be  integration 
among  them. 

Internet  Phone  Service,  as  AOL 
calls  the  offering,  will  make  use  of 
presence  technology,  the  same 
technology  that  lets  AOL  users 
know  what  Instant  Messenger 
buddies  are  online.  The  company 
would  not  say  what  form  the  inte¬ 
gration  would  take  but  a  spokes¬ 
woman  said  it  would  identify 
what  buddies  were  available  for 
calls,  and  recipients  would  get  a 
screen  pop-up  that  show  who  is 
calling. 

Even  speakers  looking  to  the 
future  were  focused  on  integrat¬ 
ing  communications. 

A  panel  and  a  keynote  address 
provided  an  update  on  Internet  2, 
the  project  to  advance  the  adop¬ 
tion  of  high-speed  networks  and 
applications.  One  of  the  goals  of 
Internet  2  is  to  deliver  100M  bit/ 


sec  connections  to  every  dorm 
room  at  the  270  universities  in  the 
project.  Government  and  industry 
also  are  sponsors. 

Internet  2  is  based  on  a  10G 
bit/sec  optical  backbone  called 
Abilene,  which  employs  IPv6 
throughout.  As  part  of  its  promo¬ 
tion  of  SIP  as  a  signaling  protocol 
to  encourage  converged  voice, 
e-mail,  videoconferencing  and 
IM,  the  group  advocates  using 
e-mail  addresses  as  the  basis  for 
SIP  identification. 

“We’re  pushing  e-mail  IDs  as 
opposed  to  phone  numbers  as 
the  primary  identifier  for  users  on 
the  network,”  said  Dennis  Barron, 
integrated  communications  stra¬ 
tegist  at  MIT. 

The  key  is  to  identify  a  person, 
not  a  phone,  in  a  network  using 
presence  to  give  every  user  as 
many  communications  options 
as  possible.  Internet  2  already 
has  150,000  e-mail  addresses 
reachable  as  SIP  identifiers,  with 
thousands  more  scheduled  to 
come  into  the  database  soon,  he 
said. 

Internet  2  also  is  working  on 
ways  to  stop  voice  spam  —  the 
sending  of  unsolicited  voice  mails 
to  VoIP  mailboxes  —  by  using  SIP 
to  verify  legitimate  callers  “We  feel 
we  can’t  allow  the  same  thing  to 
happen  to  voice  that  happened  to 
e-mail,”  Barron  said. 

While  excitement  about  new 
services  dominated  the  show,  out¬ 
going  FCC  Chairman  Michael 
Powell,  who  many  credit  with  giv¬ 
ing  VoIP  the  chance  to  grow  by 
limiting  regulation,  said  in  a 
keynote  address  that  VoIP  equip¬ 
ment  vendors  and  service 
providers  need  to  keep  pressing 
for  the  regulatory  changes  they 
need  to  succeed. 

Fbwell  urged  the  community 
to  help  resolve  issues  about  IP 
communications  the  government 
is  interested  in.  These  items 
include  establishing  911  emer¬ 
gency  technology  for  VoIP  to 
determine  accurately  where  a 
caller  is  located;  an  effective  way 
to  legally  wiretap  VoIP  calls;  and  a 
way  to  fund  universal  access, a  tax 
on  phone  service  that  subsidizes 
phones  in  rural  areas.  “I’m  pretty 
confident  you  don’t  want  [regula¬ 
tors]  doing  it  for  you,”  he  said. 

Fbwell  called  conference  atten¬ 
dees  VoIP  pioneers  and  heroes 
whose  perseverance  has  resulted 
in  advances  in  communications 
that  will  be  good  for  the  country  ■ 


Airespace  readies  wireless  mesh 


Bridgewater  State  College  has  launched  a  beta  test  of  outdoor  WLAN  mesh  nodes  from 
Airespace.  The  mesh  will  cover  on-  and  off-campus  open  areas,  letting  clients  hop 
through  nodes  to  reach  the  campus  backbone.  Airespace  also  is  readying  a  new  high- 
end  WLAN  switch,  which  support  more  access  points  than  the  current  model. 


Airespace 

continued  from  page  8 

ranges  for  outdoor  networks  can  span  thousands 
of  feet,  compared  with  a  few  hundred  or  less  for 
indoor  WLANs  at  conventional  power  levels. 
Higher  power  also  lets  the  WLAN  cut  through 
interference.  Bridgewater  has  not  tested  either 
capability. 

Airespace  seems  to  have  maintained  relatively 
high  performance  levels  even  after  traffic  makes 
multiple  hops  through  the  mesh,  King  says.  Each 
hop  reduces  the  overall  throughput.  But  he  says 
even  after  hopping  to  a  fifth  node,  users  will 
have  about  3.5M  byte/sec  of  shared  throughput. 
In  a  typical  indoor  11a  or  llg  network,  optimal 
throughput  is  in  the  20M  to  23M-byte/sec  range 
but  drops  off  sharply  as  the  distance  between 
client  and  access  point  increases. 

Bridgewater  eventually  will  have  about  seven 
or  eight  outdoor  nodes,  with  one  of  them  w'ired 
back  into  the  campus  network. WLAN  users  with¬ 
in  range  of  a  node  will  have  authenticated 
access  via  802.  lx  to  the  campus  network. 

Some  rivals,  such  as  Bel  Air  and  Tropos.are  spe¬ 
cializing  in  outdoor  WLAN  meshes.  Others, 
including  Firetide,  Meru  Networks  and  Nortel, 
offer  outdoor  products  that  can  be  used  solely  in 
outdoor  networks  or  to  extend  indoor  WLANs 
over  outdoor  areas. 

Few  details  were  disclosed  about  the  new 
Airespace  switch. The  current  4000  models  con¬ 
nect  directly  with  12  or  24  Airespace  or  third- 


party  access  points.  The  4100  sits  between  a 
wiring  closet  switch  and  the  network  core.  In  this 
configuration,  the  access  points  are  wired  to  the 
existing  Ethernet  switch. 

“We  already  have  a  4200  series  switch  and  so 
far  it’s  been  working  like  a  champ,”  says  Michael 
Sherwood,  CIO  for  the  city  of  Oceanside,  Calif. 

“The  420x  [series]  allows  for  space  conserva¬ 
tion  within  our  data  center,  as  it  handles  more 
access  points  than  the  previous  solution  in  the 
same  rack  space,”  says  Mark  Rein,  director  of  IT 
at  Virginia  Hospital  Center  in  Arlington.  Both 
men  declined  to  be  more  specific  about  the  new 
switch’s  features. 

The  higher  density  might  be  important 
because  some  rivals  claim  to  support  several 
hundred  access  points  on  one  switch. 

The  future  of  these  and  other  Airespace  prod¬ 
ucts  hinges  on  how  Cisco  decides  to  juggle  the 
two  WLAN  product  lines.  One  option  is  for  Cisco 
to  support  the  existing  Airespace  products 
for  some  time,  while  cannibalizing  the  Airespace 
software  for  its  own  WLAN  approach,  beefing 
up  the  ability  of  IOS-based  switches  and  routers 
to  manage  and  secure  enterprise  WLANs. 

Cisco  offers  the  Aironet  line  of  conventional 
access  points  and  the  Wireless  LAN  Solutions 
Engine  to  manage  them.  Last  year,  as  part  of 
its  response  to  the  challenge  posed  by  Airespace 
and  other  WLAN  switch  vendors,  Cisco  intro¬ 
duced  its  Wireless  LAN  Services  Module,  a  blade 
that  slots  into  its  high-end  Catalyst  6500s  switch 
and  manages  WLAN  traffic.  ■ 


SDLT  600  MEMORY  TEST 


1SD  6 
PIN  4  (PI) 


•620 

10V 


C30 


'■*  6\ 


TEST  #348 


SDLT  600  Results  : 

Cognitive  Memory  Skills  :  |  |  Speed 

High  Capacity  :  l^#l  WORM 


Manageability 

Compatibility 


In  repeated  time  trials,  the  SDLT  600  never  reached  the  cheese,  or  even  left  the  starting  line 
for  that  matter.  Perhaps  tapes  don’t  like  cheese.  However,  as  for  data  backup  capacity,  the 
SDLT  600  is  a  clear  winner.  It  has  more  capacity  and  more  speed  than  LTO-2  and  AIT-3.  It  also 
includes  DLTSage™  diagnostic  management  software  and  DLT Ice™  archival  WORM  functionality. 
How  do  we  know?  It’s  been  tested.  For  more  info  and  to  see  the  whitepaper,  visit  DLTtape.com. 
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Microsoft  snaps  up  Groove,  Ozzie 


■  BY  JOHN  FONTANA 

Microsoft  made  a  high-profile 
move  last  week  acquiring  Groove 
Networks  for  an  undisclosed  sum 
and  adding  Groove’s  virtual  peer- 
to-peer  software  to  its  ever-grow¬ 
ing  portfolio  of  collaboration 
software. 

Groove  was  founded  in  1997  by 
Lotus  Notes  creator  Ray  Ozzie, 
who  will  become  the  CTO  for  col¬ 


laboration  at  Microsoft.  Groove’s 
Virtual  Office  client-side  technol¬ 
ogy  lets  users  share  files  and  work 
with  data  offline  and,  most  not¬ 
ably,  securely  collaborate  over 
corporate  firewalls. 

Microsoft  has  invested  $88  mil¬ 
lion  in  Groove  since  2001  and 
plans  to  make  Virtual  Office  the 
third  leg  of  its  collaboration  stool, 
which  includes  real-time  collabo¬ 
ration  with  Live  Communication 


Server  2005  and  Live  Meeting 
2005,  server-based  collaboration 
with  SharePoint  portal  and  team 
workspaces,  and  now  peer-to- 
peer  with  Virtual  Office.  The  trio 
will  be  part  of  Office  System,  the 
focal  point  of  Microsoft’s  collabo¬ 
ration  strategy 

“The  key  feature  is  the  Groove 
infrastructure  that  allows  compa¬ 
nies  to  collaborate  without  hav¬ 
ing  to  share  network  infrastruc¬ 


ture  or  without  having  to  go 
through  setting  up  outside-the- 
firewall  servers  for  customers 
and  partners  to  collaborate  on,” 
says  Stephen  Sinofsky,  senior 
vice  president  for  Microsoft 
Office.Sinofsky  says  it  is  too  early 
to  discuss  product  plans  and 
packaging. 

Over  the  past  few  years,  Groove 
slowly  added  a  host  of  corporate- 
class  features  and  servers  to  turn 


Microsoft  rolls  out  real-time  lineup 


■  BY  JOHN  FONTANA 

Microsoft  last  week  began  to  pull  together 
its  real-time  communication  platform  and  to 
deliver  the  pieces  that  corporations  will 
need  to  build  instant  messaging  and  pres¬ 
ence  awareness  into  their  applications  and 
networks. 

The  company  announced  the  imminent 
release  of  Microsoft  Office  Communicator 
2005,  the  corporate  client  for  its  real-time  plat¬ 
form.  It  also  announced  upgrades  to  its  Live 
Communications  Server  2005  (LCS)  instant 
messaging/presence  platform  and  Live  Meet¬ 
ing  Web  conferencing  service.  However, 
despite  these  plans,  analysts  say  Microsoft  still 
has  a  way  to  go  to  provide  the  capabilities  it 
has  promised. 

“It  is  quite  astounding  that  Microsoft  has  not 
been  able  to  deploy  a  good  IM  system  before,” 
says  David  Ferris,  president  of  Ferris  Research. 
Microsoft’s  first  effort  came  with  Exchange 
2000,  but  the  technology  was  yanked  in  the 
2003  version  and  eventually  became  LCS. 
Today,  Office  System  is  the  centerpiece  for 
real-time  communication  and  collaboration, 
which  includes  Outlook,  Communicator,  Ex¬ 
change,  Office,  ShareFbint,  Live  Communica¬ 
tion  Server  and  Live  Meeting. 


Ferris  says  Microsoft  is  playing  catch-up  to 
rival  IBM/Lotus,  which  has  delivered  IM  and 
real-time  capabilities  for  years.  “Microsoft  cus¬ 
tomers  should  be  happy  the  company  is 
showing  a  way  forward,  especially  those  com¬ 
mitted  to  the  Windows  platform,”  he  says. 

The  way  forward  starts  with  Communicator, 
which  was  released  in  beta  last  November 
under  the  code  name  Istanbul. 

The  client  integrates  presence  information, 
instant  messaging,  voice,  video,  Web  confer¬ 
encing  and  telephony  into  a  desktop  inter¬ 
face.  The  client,  when  integrated  with  a  PBX, 
can  be  used  for  call  control  such  as  call  for¬ 
warding  and  multi-call  conferencing.  Micro¬ 
soft  is  working  with  partners  Siemens  and 
Alcatel’s  Genesys  to  provide  telephony  inte¬ 
gration  with  LCS  2005  and  Communicator. 

Microsoft  also  is  planning  a  Web-based  ver¬ 
sion  of  Communicator  that  will  run  in  a 
browser  on  Windows  9.x  and  non-Microsoft 
platforms.  Microsoft  also  plans  to  continue 
support  for  its  current  Windows  Messenger  IM 
client.  Pricing  was  not  announced  for 
Communicator. 

LCS  2005  Service  Pack  1,  the  Session  Initia¬ 
tion  Protocol-based  back-end  server  for  Com¬ 
municator,  and  Live  Meeting  2005,  an  upgrade 
to  Microsoft’s  Web  conferencing  service,  also 


were  unveiled  last  week. 

LCS  2005  SP  1  includes  support  for  Com¬ 
municator  and  technology  to  connect  LCS 
with  AOL,  Yahoo  and  MSN  instant  messaging 
platforms.  Live  Meeting  2005  includes  integra¬ 
tion  with  Office  applications  and  Active 
Directory  and  streaming  audio  features. 

Despite  the  added  features,  Microsoft  didn’t 
say  anything  about  multi-party  support  in  the 
client  or  a  premises-based  server  for  Web  con¬ 
ferencing,  which  are  two  things  rival 
IBM/Lotus  is  offering  customers. 

“There  are  gaps  that  Microsoft  has  in  its 
product  line  ,and  they  need  to  get  some  more 
capabilities,”  says  Ed  Brill,  business  unit  execu¬ 
tive  for  worldwide  sales  at  IBM/Lotus.  “But 
building  a  new  client  and  one  that  predicates 
the  entire  Office  2003  suite  is  about  the  way 
you  would  expect  them  to  do  it.” 

Still,  analysts  say  Microsoft  is  headed  in  the 
right  direction. 

“In  the  bigger  picture,  to  give  them  credit 
where  it  is  due,  they  are  pulling  together  a 
more  complete  communications  and  collab¬ 
oration  strategy  at  this  point,  and  they  are 
acknowledging  things  like  non-Windows 
clients  so  they  are  doing  a  lot  of  things  right,” 
says  Peter  O’Kelly,  an  analyst  with  Burton 
Group.  ■ 


Real-time  wares 

Microsoft  last  week  rolled  out  the  new  client  for  its  real-time  communications  software  and  upgraded  other  pieces 
of  the  platform. 


Products 

Description 

Available 

Pricing 

Office  Communicator  2005 

Client  front-end  for  real-time  communications 
integrates  presence,  instant  messaging,  voice, 
video,  Web  conferencing  and  telephony. 

Next  90  days;  Web- 
based  version  by 
year-end 

Not  announced 

Live  Communications  Server 
2005  Service  Pack  1 

Includes  support  for  Communicator  and 
connections  to  public  instant-messaging 
platforms  from  AOL, Yahoo  and  MSN.  Also 
includes  APIs  for  integrating  presence  with 
other  applications. 

April  2005 

$787  Standard  Edition;  $3,154  Enterprise 
Edition.  Client  Access  License:  $1  per 
device  or  user,  Public  IM  connector:  $13 
to  $16  per  user,  per  year. 

Live  Meeting  2005 

This  hosted  service  updated  with  ability  to 
launch  Web  conference  from  Office  applications, 
integration  with  Active  Directory  and  streaming 
audio  capabilities. 

Available 

Various  pricing  options 

the  Groove  Virtual  Office  environ¬ 
ment  into  a  secure,  managed  uni¬ 
versal  front-end-to-back-end  data 
repository  and  a  bridge  that  ties 
together  disparate  client  tech¬ 
nologies  used  for  collaboration 
such  as  Outlook  and  Lotus  Notes. 

Groove  also  has  added  audit¬ 
ing/logging  controls, Web  services 
APIs,  and  integration  with  Micro¬ 
soft’s  Visual  Studio  .Net  develop¬ 
ment  platform  for  creating  cus¬ 
tom  tools  and  agents  for  use  with¬ 
in  Virtual  Office. 

The  platform  has  a  host  of  back¬ 
end  services,  which  includes  its 
Management  Server,  which  pro¬ 
vides  IT  control  over  Groove 
usage  and  integrates  with  corpo¬ 
rate  authentication  and  autho¬ 
rization  systems;  Enterprise  Data 
Bridge,  which  lets  Groove  check 
out  and  check  in  data  from  a  host 
of  data  repositories;  the  agent- 
based  Integration  Server;  and  its 
set  of  Backup  Services  for  pro¬ 
tecting  data. 

Analysts  say  Microsoft  is  filling 
a  gap  it  had  in  offline  support 
that  allowed  use  of  data  and 
applications  in  a  disconnected 
mode,  and  in  providing  a  link  be¬ 
tween  collaboration  teams  that 
include  members  from  different 
companies. 

“There  was  this  remaining  part 
of  the  [collaboration]  picture  that 
Microsoft  could  not  address, 
namely  offline  support  and  the 
virtual  enterprise  that  says,  ‘just 
make  it  as  easy  as  possible  for 
people  who  are  not  part  of  my 
organization  to  securely  partici¬ 
pate  in  collaboration  activities,’” 
says  Peter  O’Kelly  an  analyst  with 
Burton  Group. 

Analysts  have  been  encourag¬ 
ing  Microsoft  to  buy  Groove  for 
some  time,  but  some  sources  say 
Microsoft  pulled  the  trigger  now 
because  Groove’s  financial  situa¬ 
tion  is  weak. 

While  Groove  is  privately  held, 
IDC  reported  the  company’s  rev¬ 
enue  as  $8  million  in  2002  and 
$12  million  in  2003.  IDC  has  not 
published  2004  numbers,  but 
Groove  has  had  two  rounds  of 
layoffs  and  no  new  customer  an¬ 
nouncements  in  the  past  18 
months.  Groove  reports  that  it  has 
received  more  than  $155  million 
in  funding  since  its  inception.* 
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3Com®  OfficeConnect®  Wireless 
108Mbps  1 1  g  PoE  Access  Point 


Eliminates  installation  problems  with  hard  to  wire 
or  reach  locations,  supplying  power  over  Category 
5  or  6  data  cables 

802.1 1  g  standard  supports  speeds  up  to 
108Mbps  in  Super  G  mode  for  high-speed  access 
and  wide  coverage 

Multiple  SSID  support  allows  SSIDs  to  be  bridged 
together  or  isolated  for  flexible  security  control 
Rogue  AP  detection  identifies  and  logs 
unauthorized,  potentially  harmful  APs 
Access  control  screens  device  MAC  addresses 
to  ensure  only  trusted  clients  access  the  WLAN 


•  Allows  you  to  access  network  resources,  the  Internet 
and  e-mail  while  roaming 

•  Performs  at  speeds  of  up  to  1 08Mbps 

•  Features  Super  G  packet  bursting,  compression,  fast 
frames  and  dynamic  turbo  to  boost  performance 
dynamically  without  user  intervention 
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high-speed  Internet  access 
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Network  start-ups  see  hope  ahead 


II I  want  to  see  what  the 
[Cisco]  Call  Manager  road 
map  is. . . .  Where  do  I  need 
to  develop  partnerships  with 
third  parties?!  I 

Craig  Hinkley 

Senior  vice  president  of  network  architec¬ 
ture,  Bank  of  America 


■  BY  BOB  BROWN 

REDWOOD  CITY,  CALIF  — 
Nothing  gets  the  attention  of  a 
room  full  of  network  start-up 
executives  quite  like  a  senior  IT 
official  from  a  huge  company 
such  as  Bank  of  America. 

Attendees  at  last  week’s  Net¬ 
work  Ventures  conference  in  Red¬ 
wood  City  didn’t  like  everything 
Bank  of  America’s  Craig  Hinkley 
had  to  say  when  he  took  the 
stage,  but  he  wasn’t  entirely  dis¬ 
couraging  either.  Hinkley  senior 
vice  president  of  network  archi¬ 
tecture  and  strategic  direction, 
discussed  his  organization’s 
planned  rollout  of  180,000  IP 
phones  across  a  Cisco  network  in 
a  project  orchestrated  by  Elec¬ 
tronic  Data  Systems. 

While  Hinkley  said  the  bank 
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never  considered  going  with  a 
start-up  over  an  established  sup¬ 
plier  for  its  VoIP  project,  he  left 
the  door  open  for  start-ups  to 
supplement  the  Cisco  offerings 
once  the  VoIP  network  gets  fur¬ 
ther  along. 
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In  fact,  Hinkley  said  he  took  part 
in  a  Cisco  customer  advisory 
board  event  during  which  he 
pressed  the  vendor  on  what  it 
would  and  would  not  be  doing. 

“I  want  to  see  what  the  [Cisco] 
Call  Manager  road  map  is,”  said 
Hinkley  who  also  discussed  the 
bank’s  network  at  the  VoiceCon 
show  in  Florida  last  month. 
“Where  are  you  playing  and 
where  are  you  not?  Where  do  I 
need  to  develop  partnerships 
with  third  parties?” 

Hinkley  said  he  is  curious  about 
where  Cisco  is  going  in  network 
management  and  call-quality 
reporting. 

He  also  said  that  since  the  bank 
is  still  in  the  early  stages  of  its  pro¬ 
ject,  it’s  hard  to  say  how  the  net¬ 
work  will  evolve  and  what  new 
products  or  applications  will  be 
needed  to  support  it.  He  said  the 
IT  group  is  not  just  rolling  out  a 
bunch  of  applications  it  thinks 
end  users  will  need,  but  rather  is 
trying  to  find  out  what  those  end 
users  want. 

That  sort  of  talk  was  encourag¬ 
ing  to  start-ups  presenting  at  the 
conference.  For  example,  Xelor 
Software  is  readying  products 
designed  to  help  companies 
ensure  the  quality,  reliability  and 
performance  of  VoIP  networks. 
Xelor,  which  plans  to  have  its  first 
customer  trial  in  May  is  attempt¬ 
ing  to  differentiate  itself  from 
companies  that  simply  report  on 
VoIP  quality  after  the  fact  by 
stressing  the  proactive  capabili¬ 
ties  of  its  software. 

CEO  Rob  Scott  said  Xelor  seeks 
to  “unleash”  customers’  invest¬ 
ments  in  Cisco  VoIP  products. 
Xelor  said  its  products  are  de¬ 
signed  to  enable  customers  to  re¬ 
duce  the  cost  of  installing  and 
operating  VoIP  networks  by  auto¬ 
mating  otherwise  manual  tasks, 
and  by  reducing  the  need  for 
companies  to  overprovision  their 
networks  to  ensure  VoIP  traffic 
travels  smoothly 


The  company  didn’t  get  into 
specific  dollar  figures  when 
asked  about  how  much  its  soft¬ 
ware  will  cost,  but  did  say  it 
would  run  somewhere  between 
3%  and  10%  of  the  cost  of  a  VoIP 
setup  per  endpoint. 

While  plenty  of  speakers  at  the 
conference  acknowledged  the 
common  challenge  for  start-ups 
to  entice  customers  to  take  a 
chance  with  a  newcomer  instead 
of  relying  on  a  more  established 
vendor,  many  of  the  presenting 
companies  said  they  are  getting 
lots  of  customers  and  were  even 
able  to  name  names. 

Groundwork  Open  Source 
Solutions,  a  maker  of  open 
source-based  management  soft¬ 
ware,  said  it  has  many  customers 
who  have  ditched  HP  Open  View 
in  favor  of  the  Groundwork  offer¬ 
ing.  While  the  company 
didn’t  specify  any  such  cus¬ 
tomers  (CEO  Robert  Fanini  said 
the  company  has  a  whitepaper 
on  one  such  customer  in  the 
works),  it  did  mention  buyers, 
including  IT  company  Ariba, 
ticket  reseller  StubHub,  plus 
a  few  utility  companies. 
Groundwork  is  targeting  small 
and  midsize  businesses,  as  well 
as  divisions  of  larger  companies. 

The  Oakland  start-up  special¬ 
izes  in  availability  and  perfor¬ 
mance  management  and  sells  its 
software  as  part  of  a  service  pack¬ 
age,  as  well  as  through  subscrip¬ 
tions.  A  free  General  Public 
License  version  of  the  software  is 
on  the  way  which  Fanini  said  he 
hopes  will  generate  further  inter¬ 
est  in  the  product  and  encourage 
customers  to  pay  for  service  and 
support. 

Groundwork  said  that  many 
basic  management  functions, 
such  as  configuration  and  avail¬ 
ability  monitoring  and  manage¬ 
ment,  have  become  commodi- 
tized.The  company  has  integrated 
open-source  tools  in  those  areas 
and  delivered  a  package  that  goes 
light  on  fancy  features  and  in¬ 
cludes  a  user  interface  based  on 
an  Apache  portal  technology 
called  Jetspeed, 

Fanini  said  Groundwork  com¬ 
petes  with  Computer  Associates, 
IBM  and  HP  though  he  said  his 
company  is  most  often  running 
into  Smarts,  which  was  acquired 
by  EMC  recently 

He  said  Groundwork  is  posi¬ 
tioning  its  software  as  a  manager 
of  managers,  and  because  of  its 
open  source  technology  it  will 
work  with  customers’  current 
products.  ■ 
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Cisco  rolls  out 
intelligent  storage 
module,  new  OS 

■  BY  DENI  CONNOR 

Cisco  last  week  expanded  the  capabilities  of  its  multi-protocol  direc¬ 
tor-level  and  fabric  switches  with  the  introduction  of  a  line  card  and 
software  that  will  let  IT  managers  host  storage  applications  in  the  stor¬ 
age-area  network  fabric. 

The  company  announced  at  Cebit  in  Hanover,  Germany  the  Fibre 
Channel  MDS  9000  Storage  Services  Module  (SSM)  and  SAN-OS  2.1 
software,  which  let  software  and  appliances  from  vendors  such  as  EMC, 
Kashya,  Alactritus,  FalconStor,  Cloverleaf,Topio  and  Xiotech  interoper¬ 
ate  with  Cisco’s  MDS  SAN  switches. 

The  32-port  SSM  fits  in  a  MDS  9000  director-level  or  9200  fabric  switch, 
where  it  consolidates  and  virtualizes  resources  from  different  storage 
systems  so  applications  running  on  the  SSM  can  migrate,  replicate  or 
back  up  data  in  the  pool. 

Among  its  capabilities,  SSM  can  back  up  network  data  without  the 
assistance  of  the  server.  Cisco  is  enabling  the  ANSI-approved  Extended 
Copy  (XCopy),  which  offloads  data  movement  from  back-up  servers  to 
SSM.This  reduces  back-up  windows  and  lets  customers  do  faster  back¬ 
ups. 

“SSM  will  make  it  significantly  faster  to  back  up  and  restore  data  from 
storage  through  the  network  directly  to  the  secondary  storage  medium 
rather  than  have  to  drag  it  first  to  the  media  server  and  then  out  to  the 
secondary  storage,”  says  Stephanie  Balaouras,an  analyst  at  The  Yankee 
Group. 

Michael  Passe,  storage  architect  at  CareGroup/Beth  Israel  Deaconess 
Medical  Center  in  Boston,  says  SSM  will  help  him  virtualize  his  storage 
environment  and  back  up  his  network  faster. 

“We  intend  virtualization  to  be  part  of  our  SAN  environment,”  says 
Passe,  who  has  50T  bytes  of  EMC  storage  data  he  expects  to  pool  over 
the  next  year. 

“SSM  also  makes  sense  for  some  of  the  back-up  problems  we’ve  been 
having,”  Passe  says. “XCopy  will  help  me  get  data  off  of  disk  and  onto 
tape  faster.  With  SSM,  I  wouldn’t  have  to  run  the  backup  through  my 
application  servers, so  I  will  get  better  performance  and  less  impact  on 
applications  during  production  hours.” 

Computer  Associates,  Commvault  and  Veritas  Software  are  expected 
to  support  this  capability  with  their  back-up  and  recovery  products. 

With  SSM,  Cisco  also  is  reducing  the  latency  and  increasing  the  net¬ 
work  performance  in  synchronous  data  replication  between  SANs  con¬ 
nected  over  distances  with  dark  fiber,  dense  wave  division  multiplexing 
(DWDM)  or  SONET  links,  which  lets  customers  copy  data  over  longer 
distances.The  company  claims  a  30%  increase  in  performance  over  a 
77-mile  DWDM  link. 

SSM,  which  processes  as  many  as  320,000  I/Os  per  second,  according 
to  Cisco,  uses  the  ANSI-approved  Fabric  Application  Interface  Standard, 
which  presents  a  common  method  for  developing  SAN  applications 
and  appliances. 

SAN-OS  2.1  is  the  new  version  of  the  MDS  9000  operating  system.  In 
combination  with  Cisco’s  SANTap  Services  protocol,  it  lets  SSM  work 
with  third-party  software-based  appliances.  Cisco  says  it  expects  EMC 
and  Veritas  will  be  among  the  first  vendors  to  deliver  storage  ap¬ 
plications  based  on  SSM.  For  instance,  EMC’s  much-anticipated  Storage 
Router  will  use  SSM  to  virtualize  storage  environments.  Veritas  is 
expected  to  announce  that  its  Veritas  Storage  Foundation  software  will 
operate  on  SSM,  sources  say 

Cisco’s  intelligent  switching  product  competes  with  the  Brocade  Silk¬ 
worm  Multiprotocol  Router,  which  can  run  IBM’s  SAN  Volume  Con¬ 
troller  (SVC)  software.  It  also  is  expected  to  compete  with  McData’s 
ilOK  Director,  which  also  runs  IBM’s  SVC.  However,  unlike  those  prod¬ 
ucts,  Cisco  has  inherent  back-up  and  recovery  capability  and  ac¬ 
celeration  technology. 

SSM,  when  available  from  systems  manufacturers  such  as  EMC,  IBM 
and  HR  will  cost  20%  to  25%  more  than  the  32-port  Fibre  Channel  mod¬ 
ules  from  those  vendors,  according  to  Cisco.  ■ 


IETF 

continued  from  page  1 

becomes  a  more  efficient  stan¬ 
dards  body  that  would  be  good 
news  for  corporate  network  man¬ 
agers,  who  prefer  to  buy  stan- 
dards-based  products  to  ensure 
interoperability 

For  nearly  20  years,  the  IETF  has 
boasted  the  leading  developers 
of  Internet  technology  among  its 
participants.  This  quirky  band  of 
network  engineers  has  devel¬ 
oped  many  of  the  key  standards 
that  make  the  Internet  work,  in¬ 
cluding  DNS,  Internet  Message 
Access  Protocol  and  Lightweight 
Directory  Access  Protocol. 

With  individual  rather  than  cor¬ 
porate  participants,  the  IETF  is  an 
egalitarian,  all-volunteer  group.  At 
the  IETFs  thrice-yearly  meetings, 
winners  of  prestigious  computer 
science  awards  rub  shoulders 
with  grad  students.  In  IETF  tradi¬ 
tion,  the  best  technical  ideas  are 
chosen  regardless  of  who  sug¬ 
gests  them,  and  standards  aren’t 
published  without  working  proto¬ 
types. 

However,  the  group  that  prides 
itself  on  rough  consensus  and 
running  code  is  facing  chal¬ 
lenges  such  as  financial  difficul¬ 
ties  and  declining  attendance. 
These  challenges  are  forcing  the 
group  to  change. 

The  IETF  leadership  has  spent 
much  of  the  past  two  years  fo¬ 
cused  on  restructuring  its  admin¬ 
istrative  and  financial  processes. 
This  restructuring  effort  is  nearing 
completion  with  the  establish¬ 
ment  of  a  new  administrative 
oversight  committee  and  plans  to 
hire  a  full-time  administrative 
director. 

Meanwhile,  attendance  at  IETF 
meetings  continues  to  shrink 
from  more  than  3,000  at  the  peak 
of  the  Internet  bubble  to  just 
more  than  1,000  last  week.  The 
IETF  can’t  afford  to  lose  money 
on  its  meetings  because  it  doesn’t 
charge  membership  fees. 

“The  fact  that  attendance  is 
down  is  a  big  concern,”  acknowl¬ 
edged  Allison  Mankin.a  Shinkuro 
engineer  who  serves  as  one  of 
the  directors  of  the  lETF’s  Trans¬ 
port  Area.  Mankin  said  the  IETFs 
seven  areas  —  Applications, 
General,  Internet,  Operations, 
Routing,  Security  and  Transport 
—  are  trying  to  re-invigorate  the 
work  that  each  is  tackling. 

‘All  of  the  IETF  areas  are  devel¬ 
oping  strategic  plans  not  so  much 
for  bringing  in  attendance  but  for 
looking  to  the  future  of  our 
areas,”  Mankin  explained.  “There 
are  certain  kinds  of  work  that  we 
can  do  for  the  benefit  of  the 


Internet  that  could  also  cause 
some  very  interesting  people  to 
show  up  at  our  meetings.” 

Some  IETF  participants  say  that 
the  most  interesting  Internet  engi¬ 
neering  is  going  on  at  competing 
standards  bodies.  This  is  particu¬ 
larly  true  in  the  lETF’s  Applica¬ 
tions  Area,  where  rivals  such  as 
the  W3C,  Organization  for  the  Ad¬ 
vancement  of  Structured  Inform¬ 
ation  Standards,  the  Liberty  Alli¬ 
ance  Project  and  others  are  con¬ 
ducting  cutting-edge  develop¬ 
ment. 

“The  IETF  has  to  fight  the  per¬ 
ception  that  our  process  is  too 
slow  and  that  we  are  less  attrac¬ 
tive  because  we  don’t  have  indus¬ 
try  representatives,”  said  Scott 
Hollenbeck,  a  VeriSign  engineer 


but  we  haven’t  been  as  good  at 
telling  the  rest  of  the  IETF  about 
it.” 

Signs  of  the  IETF  being  more 
cooperative  in  its  standards  work 
abound.  Last  Wednesday  the  IETF 
held  what  participants  called  a 
“breakthrough”  meeting  with  the 
OMA.  And  on  Thursday  the  IETF 
for  the  first  time  hosted  a  panel 
about  VoIP  developments  that 
was  broadcast  live  over  the 
Internet  to  the  Spring  2005  VON 
Conference  in  San  Jose. 

In  addition,  the  IETF  is  planning 
a  joint  workshop  in  May  with  the 
ITU  on  next-generation  Internet 
architecture  that  will  allow  for 
sharing  of  technical  directions 
and  specifications. 

Another  challenge  for  the  IETF 


II  We  need  to  take  notice  of 
what  other  people  think  of 
whatwedo.lf 

Brian  Carpenter 

Newly  appointed  IETF  chair 


and  one  of  the  directors  of  the 
IETFs  Applications  Area.  “We  see 
a  lot  of  the  cool  new  stuff  going  to 
other  groups.” 

Carpenter  acknowledged  that 
the  Applications  Area  needs  to  re¬ 
think  its  direction.  “It’s  clear  that 
one  of  the  things  we  need  to  do  is 
understand  the  scope  of  what  we 
do  in  the  Applications  Area,”  he 
said. 

But  he  denied  that  there  is  ten¬ 
sion  between  the  IETF  and  other 
groups  such  as  the  W3C  on  stan¬ 
dards  development  in  emerging 
areas  such  as  Web  services. 

“Everyone  agrees  that  the  IETF 
is  the  maintenance  body  for 
HTTP  while  everything  that  runs 
on  HTTP  is  at  W3C,”  he  said. 
“There’s  some  virtue  in  special¬ 
ization  for  the  standards  bodies.” 

Still,  Carpenter  said  improving 
relations  with  other  standards 
bodies  is  among  his  top  priorities. 

“I  just  happen  to  be  based  in 
Geneva,”  Carpenter  said.  “It’s  a  2- 
minute  walk  from  my  office  at 
IBM  to  the  ITU  headquarters.” 

Some  IETF  leaders  say  they  are 
working  behind  the  scenes  with 
other  standards  bodies,  including 
the  Open  Mobile  Alliance 
(OMA), Third  Generation  Partner¬ 
ship  Project  and  3GPP2. 

“We’ve  had  monthly  meetings 
for  quite  some  time  with  these 
groups,”  Mankin  said.“We’ve  been 
working  well  with  other  groups, 


is  the  ongoing  consolidation 
among  ISPs.  Long-distance  carri¬ 
ers  such  as  AT&T  and  MCI  usual¬ 
ly  send  many  participants  to 
IETF  meetings,  while  the  former 
Baby  Bells,  including  SBC,  Veri¬ 
zon  and  Qwest,  do  not.  Now  that 
SBC  has  bought  AT&T  and  either 
Verizon  or  Qwest  is  expected  to 
buy  MCI,  it’s  unclear  whether  the 
new  merged  carriers  will  be  as 
active  in  the  lETF’s  working 
groups. 

Whether  ISP  consolidation  will 
hurt  the  IETF  is  “a  hard  question,” 
Carpenter  said.  “Larger  compa¬ 
nies  tend  to  move  more  slowly  to 
new  technology  but  when  they 
move  they  really  throw  their 
weight  around.  The  question  is 
when  these  carriers  will  need  to 
upgrade." 

Carpenter  and  other  IETF  lead¬ 
ers  said  they  hope  SBC,  Verizon, 
Qwest  and  other  smaller  carriers 
will  become  more  innovative  af¬ 
ter  their  mergers.  “Once  the 
acquisitions  shake  down,  I  can’t 
see  how  they  won’t  be  interested 
in  new  technologies,”  he  said. 

Despite  all  these  challenges, 
Carpenter  and  other  IETF  leaders 
assert  that  the  IETF  is  and  will 
remain  the  premier  standards 
body  for  the  infrastructure  of  the 
Internet. 

“For  layers  three  and  four,  we’re 
the  leaders,"  Carpenter  said.  “I 
don’t  believe  that’s  in  doubt.”  ■ 
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Lessons  from leading  users 


Johnson  &  Johnson  tackles  security  pain 


Providing  access 

Healthcare  giant  Johnson  &  Johnson  has  put  in  place  security  procedures 
that  let  the  company  securely  monitor,  document  and  provide  access 
to  its  outside  partners. 


O  A  J&J  business  manager,  acting  as  “sponsor" 
for  an  intended  e-commerce  Partner  A,  makes 
a  formal  request  to  the  IT  department  to 
provide  network  access. 


3artner  A  fills  out  a  detailed 
questionnaire  with  regard  to  the 
company's  connection  request, 
what  kind  of  security  measures  it 
place  and  so  on. 


©  Both  sides  sign  a  legal  agreement  governing  use  of  the  e-commerce 
connection  and  recognizing  that  a  six-month  security  review  of  the 
connection  will  be  done,  J&J  then  makes  a  final  check  and  allows 
the  busines  partner  into  the  network,  usually  through  a  VPN. 


■  BY  ELLEN  MESSMER 

For  Johnson  &  Johnson,  the  health¬ 
care  giant  with  more  than  200  sepa¬ 
rate  companies  operating  in  54 
countries,  one  of  the  biggest  problems 
encountered  in  e-commerce  was  find¬ 
ing  a  way  to  quickly  get  business  part¬ 
ners  access  to  the  network  but  enforce 
security 

The  problem  vexed  the  Brunswick,  N.J., 
maker  of  pharmaceuticals  and  medical 
equipment  because  e-commerce  part¬ 
ners,  once  given  access,  sometimes  intro¬ 
duced  worms  and  viruses  into  J&J’s  net¬ 
work.  In  addition,  the  process  of  review¬ 
ing  business  requests  for  network  access 
between  a  J&J  unit  and  its  intended  part¬ 
ner  had  become  burdensome,  delaying 
e-commerce  transactions. 

However,  IT  staff  at  J&J  said  since  new 
security  procedures  put  in  place  a  year 
ago  altered  the  equation,  it  has  been 
much  faster  to  process  network-access 
requests.  Through  the  uniform  monitor¬ 
ing  and  documentation  processes,  secu¬ 
rity  has  improved,  with  worm  and  virus 
outbreaks  emanating  from  business  part¬ 
ners  reduced  to  nil. 

“The  documentation  is  still  a  bit  cum¬ 


bersome,  but  now  it’s  a  repeatable 
process,” says  Thomas  Bunt,  director  of 
worldwide  information  security  at 
J&J,  about  the  challenge  of  providing 
network  access  for  business  partners. 
“We’re  facing  an  increased  demand 
for  external  connections,  and  it  wasn’t 
easy  to  do  this.” 

When  a  business  manager  at  J&J 
wants  to  have  counterparts  in  outside 
firms  gain  access  to  internal  applica¬ 
tions  for  e-commerce,  the  IT  depart¬ 
ment  is  summoned  to  assess  risk. 

First,  the  J&J  unit  and  the  outside 
firm  have  to  fill  out  a  detailed  ques¬ 
tionnaire  about  the  nature  of  the  con¬ 
nection  request,  says  Denise  Medd, 
information  security  senior  analyst.  In 
addition,  J&J  expects  the  intended  e- 
commerce  partner  to  submit  to  a 
security  assessment  and  evaluation. 

This  vulnerability  assessment  may 
be  done  by  a  neutral  third  party  but 
the  goal  is  to  ensure  that  doing  busi¬ 
ness  via  the  network  connection,  which 
is  typically  opened  up  via  J&J  firewall, 
presents  no  unnecessary  risks.  The  J&J 
operating  company  officially  known  as 
“the  sponsor^’  is  held  to  the  same  stan¬ 
dards,  Medd  emphasizes. 


Occasionally,  a  request  for  network 
access  is  turned  down,  especially  if  the 
J&J  side  has  servers  lacking  proper 
patch-update  mechanisms  or  other 
shortcomings.“There  is  a  final  review,  and 
we  will  not  let  an  insecure  connection  go 


live,”  Medd  says. 

The  IT  and  security  professionals  at  J&J 
worked  with  the  legal  department  to 
craft  standard  procedures  for  requests 
and  evaluations.  J&J  and  its  partner  also 

See  J&J,  page  18 


Vendors  launch  innovative  VoIP  gear 


Takes 


BY  PHIL  HOCHMUTH 


■  Sana  Security  last  week  an¬ 
nounced  Primary  Response  3.0, 

the  third  version  of  its  host-based 
intrusion-prevention  software  that 
uses  behavior-based  detection  meth¬ 
ods  to  block  malicious  code.  Pre¬ 
viously  intended  for  servers  alone, 
Primary  Response  3.0  adds  defense 
software  for  desktop  computers  with 
a  default  set  of  protections  to  stop 
Trojans,  keyloggers  and  rootkits. 
Primary  Response  3.0  costs  $12  for 
the  desktop  IPS  software  and  $875 
for  the  server  agents. 


While  large  IP  PBX  vendors  continue  to 
build  on  server-based  platforms,  some 
international  vendors  are  taking  more 
unique  approaches  to  small-business  VoIP 
systems. 

Among  the  distinctive  small-business 
VoIP  products  emerging  is  an  embedded 
IP  PBX  appliance  for  small  offices  that  fits 
in  a  briefcase.  Or,  for  customers  not  inter¬ 
ested  in  any  extra  hardware,  another  VoIP 
system  uses  peer-to-peer  technology  in  IP 
phones,  eliminating  the  need  for  an  IP  PBX. 
Users  of  these  types  of  products  say  the 
gear  is  more  focused  on  the  needs  of  small- 
office  phone  systems  and  provides  a  good 


cost-saving  alternative  to  expensive  server- 
based  IP  PBXs  from  larger  vendors. 

One  company,  German  VoIP  vendor 
Snom  Technology  has  crunched  down  an 
IP  PBX  into  a  device  smaller  than  a  home 
answering  machine.  The  Snom  Box  is  an 
IP  PBX  for  companies  with  50  or  fewer 
users.  The  device  runs  Snom’s  4S  IP  PBX 
and  voice  mail  system  software  on  top  of 
an  embedded  Linux  operating  system. 
(Snom  offers  this  software  on  a  server- 
based  IP  PBX  for  larger  businesses  and  for 
carriers  offering  IP  Centrex  services.) 
Conferencing  and  auto-attendant  features 
also  are  supported. 

The  Snom  Box  is  tiny:  3.5  inches  tall  by  3 
inches  wide  and  1.5  inches  deep.  This  is 


smaller  than  the  IP  phones  the  system 
supports.  The  IP  PBX  software  uses 
Session  Initiation  Protocol  (SIP)  for  trans¬ 
port,  so  it  is  compatible  with  any  standard 
SIP  phone. 

“It  was  important  for  us  to  us  SIP  This 
gives  small  businesses  more  options  in 
choosing  handsets; were  not  looking  to  tic 
anyone  into”  proprietary  VoIP  protocols  or 
phone  hardware,  says  Oliver  Wittig.Snoms 
global  sales  manager. 

The  Snom  Box  has  dual  10/1 OOM  bit/sec 
Ethernet  ports  for  redundant  network 
links,  a  USB  port  and  a  flash  memory  card 
slot.  Snom  says  the  device  is  reliable 
because  it  has  no  moving  parts:  The 

See  VoIP,  page  IS 
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Notwithstanding  the  fact  it  will  be 
many  years  before  very  many  corpo¬ 
rate  users  might  be  able  to  work  in  a 
“Microsoft-free”  environment,  there  ap¬ 
pears  to  be  significant  effort  being  put 
forth  to  make  it  a  reality  From  the  geekiest 
tech  pubs,  like  the  Java  Developer's  Journal 
to  august  ones  such  as  The  Wall  Street 
Journal,  circumventing  Microsoft  is  a  hot 
topic. 

I  choose  “circumvention”  deliberately  as 
many  of  the  strategies  intend  not  so  much 
to  eliminate  Microsoft  from  the  equation 
but  to  limit  our  dependence  on  Microsoft 
and  limit  the  payments  users  make  to 
same. 

Some  circumvention  techniques  are 
endorsed  —  and  even  sold  —  by 
Microsoft,  whereas  others  are  completely 
outside  of  its  control. 

In  the  former  category  we  find  both  “ter¬ 
minal  services”  and  “virtual  PC”  technolo¬ 


Circumventing  Microsoft 


gies.  Microsoft  sells  terminal  services 
licenses  directly  and  indirectly  via  its 
agreements  with  Citrix  Systems.  Virtual  PC 
(and  virtual  server)  technologies  are  sold 
in  Microsoft  boxes. 

With  terminal  services,  clients  running  on 
non-Windows  operating  systems  —  includ¬ 
ing  Linux,  Macintosh,  Java  and  Solaris  — 
can  run  native  Windows  applications 
remotely  (and  efficiently)  using  thin-client 
technology.  While  it  doesn’t  eliminate 
Windows  (and  you  have  to  be  online  to 
use  it),  it  provides  for  client-side  flexibility 

Where  one  needs  to  have  full  Windows 
available  locally  virtual  PC  technology  can 
be  had  from  Microsoft  or  EMC’s  VMware 
division.  With  this  approach,  one  can  load 
and  boot  one  or  more  Windows  systems 
running  “virtually”  on  “top”  of  a  base  oper¬ 
ating  system  —  usually  Windows,  Linux  or 
Macintosh  —  that  actually  controls  the 
hardware. 

Again,  while  one  ends  up  paying 
Microsoft  for  both  the  virtualization  soft¬ 
ware  and  an  operating  system  license,  one 
gains  the  flexibility  of  using  a  different  base 
operating  system,  thus  circumventing 
Microsoft’s  stranglehold  on  your  desktop. 

The  rise  of  the  browser  as  the  ubiquitous 


client  portal  has  already  loosened 
Microsoft’s  grip  on  the  desktop.  After  all,  if  I 
use  applications  like  Salesforce.com  (and 
myriad  others)  that  are  built  with  the 
browser,  I  can  get  my  job  done  from  any 
browser-enabled  computer  —  which  is  to 
say  any  computer. 

Still,  there  are  many  sites  built  deliberate¬ 
ly  or  inadvertently  to  Microsoft’s  Internet 
Explorer  specifications.  Sites  that  look  fine 
viewed  using  Internet  Explorer  but  down¬ 
right  bizarre  when  using,  say  Firefox  or 
Opera.  (The  Firefox  people  recently 
announced  that  they’d  already  reached  25 
million  downloads.) 

While  a  user  can  (and  many  do)  have 
multiple  different  browsers  loaded,  switch¬ 
ing  back  and  forth  is  a  nuisance.  According 
to  an  article  in  The  Wall  Street  Journal  in 
early  March,  Netscape  8  (in  beta)  contains 
both  an  Internet  Explorer-  and  a  Firefox- 
based  rendering  engine.  Sites  that  it  deems 
“safe”  (the  site  owners  are  unlikely  to  ex¬ 
ploit  Internet  Explorer’s  well-documented 
security  flaws)  are  rendered  using  Internet 
Explorer  or  Internet  Explorer  components 
(no,  I  don’t  know  the  details). Questionable 
sites  are  rendered  using  the  arguably  more- 
robust  Firefox  code  (from  which  Netscape 


8  was  built).  So,  Microsoft  is  circumvented 
dynamically. 

Much  less  visible  but  arguably  more 
important  is  what  is  going  on  in  the  world 
of  development. 

Microsoft  has  devoted  massive  amounts 
of  effort  into  making  .Net  into  a  top-notch 
development  framework  (and,  I  think  suc¬ 
ceeding  in  that  effort.)  Also,  the  Mono  pro¬ 
ject  (www.mono-project.com/Main_Page) 
was  formed  to  allow  developers  of  .Net 
applications  to  be  able  to  run  on  non- 
Windows  platforms  (because  Microsoft 
only  provides  a  Windows  run  time).  If 
Mono  achieves  its  goals  it  will  let  develop¬ 
ers  leverage  Microsoft  efforts  while  ulti¬ 
mately  circumventing  Microsoft. 

Finally  in  the  bowels  of  geekdom,  you’ll 
find  the  Apache  Jakarta  POI  project 
(http://jakarta.apache.org/poi/), the  goal  of 
which  is  to  circumvent  (again)  Microsoft 
by  providing  an  API  that  lets  Java  programs 
access  Microsoft  Office  file  formats. 

Check  it  out  —  this  is  the  future. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


IP  PBX-less  VoIP 

A  small-business  VoIP  system  by  Aastra  uses  peer-to-peer  technology, 
letting  IP  phones  set  up  calls  among  peers. 

VenturelP  480i  IP  phone 
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VenturelP  480i  IP  phone 


- IP  voice  stream 

-  Peer-to-peer  call  setup  signaling 


O  SIP-based  489i  IP  phones  ©  Through  a  VPN,  a  remote  IP  phone  ©  Without  an  IP  PBX,  the  VenturelP 
connected  to  a  LAN  set  up  calls  user  also  can  have  an  extension  on  Gateway  is  required  to  reach  outside 

and  control  the  stream  of  voice  the  phone  network.  phone  connections, 

packets  during  VoIP  conversations. 


VoIP 

continued  from  page  17 

operating  system  software  is  loaded  from 
flash  memory  which  is  also  used  for  voice 
mail  storage. Voice  mail  also  can  be  backed 
up  to  a  separate  server  over  the  LAN. 

A  Web-based  interface  is  used  to  config¬ 
ure  and  administer  the  device.  It  will  be 
sold  through  retail  channels  internationally 
and  works  with  SIP-compatible  public 
switched  telephone  network  (PSTN)  gate¬ 
ways  and  open  source  VoIP  gateways,  such 
as  Asterisk  and  Vovida.The  Snom  Box  will 
be  sold  in  Europe  through  carriers,  which 
will  offer  services  that  let  a  Snom  Box  con¬ 
nect  to  a  carrier  network  via  Volf?  and  link 
to  the  public  phone  network  through  a  car¬ 
rier’s  infrastructure. 

The  Snom  Box  is  scheduled  to  be  avail¬ 
able  next  month  starting  at  $1,400. 

Another  VoIP  system  for  small  businesses 
—  from  Canadian  firm  Aastra  —  does  not 
use  a  IP  PBX.  Rather,  the  IP  phones  com¬ 
municate  with  an  IP-based  peer-to-peer 
call  setup  scheme. 

The  VenturelP  480i  phones  are  set  up  by 
entering  an  end  user’s  name,  extension 
number  and  IP  addresses  into  the  device. 
The  phones  also  include  programmable 
feature  buttons,  speakerphones  and  an 
eight-line  LCD  display.  Individual  voice 
mail  boxes  are  included  in  each  phone. 
Users  also  can  point  a  Web  browser  at  the 
IP  phones  to  view  calling  records  and 
other  management  statistics. 

The  $380  phones  are  connected  via 
Ethernet  switch  ports  and  discover  each 
other  over  a  LAN  using  a  proprietary  dis¬ 
covery  protocol  developed  by  Nimcat 
Software,  which  also  makes  the  call  con¬ 


trol  and  operating  system  for  the  devices.  A 
VenturelP  Gateway  ($280)  is  used  to  con¬ 
nect  the  LAN-based  phones  to  an  outside 
PSTN  trunk.  Up  to  200  VenturelP  phones 
can  operate  on  a  LAN. 

The  VenturelP  phones  and  gateway  are 
deployed  in  the  10-person  office  of  Money- 
Vest  Financial,  an  Ottawa  brokerage  firm. 

“I  always  had  a  dilemma  with  small-busi¬ 
ness  phone  systems,”  says  Ben  Fard,  man¬ 
aging  director  at  MoneyVest.  “Most  phone 
systems  require  a  lot  of  money  up  front  for 
equipment.  Then  they  hit  you  again  [with 
more  upgrade  costs]  if  you  want  to 
expand.”  He  says  with  the  VenturelP  sys¬ 
tem,  “you  don’t  have  to  invest  in  a  lot  of 


back-room  infrastructure.” 

Fard  says  he  looked  at  a  Nortel  small- 
office  PBX  system,  which  started  at  about 
$10,000  for  just  the  phone  switch;  phones 
and  licenses  were  extra.  At  $380  per 
phone,  Fard  says  he  is  seeing  equal  per¬ 
formance  and  features  on  the  VenturelP 
system  at  a  lower  price  than  a  switch  or 
server-based  PBX  or  IP  PBX. 

“If  we  grow,  I’ll  just  add  phones,”  he  says. 
“If  we  don’t  grow,  I  haven’t  paid  a  lot  of 
money  up  front  for  [voice]  capacity  and 
hardware  we  don’t  use.” 

Later  this  year,  Fard  plans  on  rolling  out 
VenturelP  phones  to  about  15  brokers  who 
work  from  home.  ■ 
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continued  from  page  17 

must  complete  a  contract  or  memo 
of  understanding  regarding  the  net¬ 
work  connection  to  be  established. 

“We’ll  look  closely  at  what  the  con¬ 
nectivity  is,  and  typically  a  limited 
number  of  people  could  have 
access,”  Bunt  says,  pointing  out  that 
J&J  strives  to  accommodate  requests 
for  a  range  of  VPN  access  methods. 

J&J  also  includes  an  inspection 
process  every  six  months  to  ascer¬ 
tain  the  security  of  the  network  con¬ 
nection.  The  risk  management  pro¬ 
cedure  has  resulted  in  a  dramatic 
drop  in  virus  and  worm  outbreaks. 
Sometimes  business  project  man¬ 
agers  grumble  about  the  assess¬ 
ment  process,  but  management’s 
solid  backing  of  it  has  made  it  a  uni¬ 
formly  enforced  process  that  is  in 
effect  with  hundreds  of  outside 
firms,  Bunt  says. 

The  IT  department  says  it  hopes  to 
streamline  the  risk  evaluation  fur¬ 
ther  by  drawing  up  standardized 
interconnection  security  agree¬ 
ments  and  uniform  set  of  questions 
to  ask  outside  firms  wanting  access 
to  J&J’s  internal  network. 

“We  also  need  to  better  explain  to 
our  partners  why  they  need  to  do 
this  and  how  they  benefit  by  getting 
a  good  look  at  our  security  posture,” 
Bunt  says.  ■ 
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Middleware  for  the  or^^Bid  world.  Learn  more  at  ibm.com/middlew*e/teamwork 


1.  Endorsement  deal  e-mailed  to  agent. 

2.  IMs  serial  numbers  to  vendor,  securely. 

3.  Staff  shares  updated  model  specs. 

4.  Production  goals  posted  to  team  space. 

5.  New  product  launched  in  record  time. 


MIDDLEWARE  IS  IBM  SOFTWARE.  IBM  Workplace™ 
Services  Express  software.  Designed  and  priced  for 
mid-sized  businesses,  it’s  how  to  collaborate  from 
anywhere.  At  any  time.  Built  on  open  standards,  it  can 
keep  your  business  flexible,  more  responsive.  It’s  easy 
to  implement,  easy  to  manage.  It  can  help  you  make 
better,  more  informed  decisions  and  not  miss  a  beat. 


Middleware  is  Everywhere. 


Can  you  see  it? 


Sizzling  performance.  Refreshing  price. 

The  Xerox  Phaser*  8400  is  hot  and  cool  at  the  same  time. 

Xerox  Color.  It  makes  business  sense. 


Not  only  does  the  Xerox  Phaser  8400  deliver  24  pages  per 
minute  in  black  and  white,  but  it  produces  brilliant  color 
prints  at  the  same  dazzling  speed.  For  under  $1000!  Color  is 
consistently  clear  and  vivid,  print  after  print.  Your  first  page 
out  is  an  industry-leading  6  seconds.  And  when  it  comes  to 


xerox.com/office/1964 
1-877-362-6567  ext.  1964 


convenience,  nothing  is  cooler  than  the  Phaser  8400 ’s  unique 
and  reliable  solid-ink  technology,  which  makes  changing  our 
ink  fast,  simple,  and  clean.  For  more  about  our  full  line  of  Xerox 
network  printers,  digital  copiers  and  multi-function  systems, 
call  us  or  visit  our  website  today.  Our  whole  line  is  cool  and  hot. 
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Takes 

■  IBM  plans  to  offer  Brocade 
Communications’  SilkWorm 
Multiprotocol  Router  as  the  IBM 

TotalStorage  SAN16B-R  Multiprotocol 
Router.  The  eight  to  16  port  router 
allows  resource  sharing  across  stor¬ 
age-area  network  islands  and  hosts 
data  migration  and  back-up  and 
recovery  applications.  It  can  connect 
servers  and  storage  across  storage 
networks  by  creating  logical  SANs, 
while  isolating  them  from  another  to 
avoid  disruptions.  The  TotalStorage 
SAN16B-R  Multiprotocol  Router  sup¬ 
ports  Fibre  Channel,  Fibre  Channel 
over  IP  and  iSCSI  protocols,  It  costs 
$37,300. 

■  Storage  systems,  medical  imaging 
equipment  and  other  custom- 
designed,  hardwired  devices  —  so- 
called  embedded  systems  —  might 
soon  be  available  with  Advanced 
Micro  Devices’  32-/64-bit  Opteron 
processor.  The  chipmaker  last  week 
announced  it  is  adding  Opteron, 
which  has  been  widely  successful  in 
traditional  server  platforms,  to  its 
embedded  lineup,  AMD  already  of¬ 
fers  low-power  Alchemy  and  Geode 
chips  for  embedded  systems.  The 
Opteron  provides  a  higher-performing 
option,  AMD  says.  AMD  is  not  modi¬ 
fying  Opteron  for  the  embedded  mar¬ 
ket,  but  rather  extending  the  availabil¬ 
ity  of  certain  models  of  the  chip,  a 
requirement  for  embedded  systems 
that  have  longer  life  cycles  than  tra¬ 
ditional  hardware. 

■  Spectra  Logic  this  week  is 
expected  to  announce  a  tape  library 
designed  for  small  to  midsize  organi¬ 
zations.  The  Spectra  T50  is  a  Linear 
Tape  Open  library  that  includes  a  GUI 
and  browser  interface  and  health- 
check  tools.  Users  can  increase  the 
capacity  of  the  library  in  five-slot 
increments.  LTO  technology  allows 
tapes  to  be  read  by  any  LTO-enabled 
library  from  Quantum,  IBM  or  HP. 

The  Spectra  T50  library  holds  up  to 
four  LTO  drives  and  50  media  slots  in 
a  4U-high  rack.  It  starts  at  $9,300. 


A  Wyse  GEO  touts  software  initiative 


The  newly  appointed  CEO  of  thin- 
client  vendor  Wyse  Technology  has 
the  task  of  transforming  a  small, 
modestly  growing  desktop  hard¬ 
ware  vendor  into  a  major  software 
player. 

And  that’s  what  John  Kish  says 
he  ’ll  do.  Wyse  is  ranked  No.  1  with 
37%  of  the  thin-client  market,  fol¬ 
lowed  by  Neoware  Systems  and 
HE  according  to  1DC.  Thin  clients  essentially  display 
applications  that  are  run  and  managed  on  central¬ 
ized  servers,  using  software  from  Citrix  or  Microsoft. 
But  few  companies  have  given  up  PCs  entirely  for 


thin  clients.  So  how  does  Kish  plan  to  double  Wyse 
revenue  to  about  $350  million  in  two  years  and 
make  it  a  $1  billion  company  in  five?  Network 
World  Senior  Editor  John  Cox  spoke  with  him  as  he 
was  packing  for  a  three-week  business  trip  to  the 
Far  East. 

You  were  CEO-in-residence  at  Garnett  &  Helfrich  Capital,  a  ven¬ 
ture  buyout  firm  that  invested  $35  million  to  take  a  controlling 
interest  in  Wyse  and  installed  you  as  president  and  CEO.  Why? 

Wyse  has  lots  of  expertise  in  hardware  devices  at  the 
edge  of  the  network,  which  enable  network-centric  com- 
puting.The  bet  that  G&F  is  making  is  that  this  model  of 
network  computing  is  becoming  more  important  as  we 

See  Kish,  page  22 


Microsoft  set  to  launch  64-bit  blitz 


■  BY  JOHN  FONTANA 

Microsoft  next  month  finally  will  ship  the 
long-awaited  64-bit  editions  of  its  latest 
server  and  client  operating  systems,  and 
the  move  is  just  the  tip  of  a  64-bit  iceberg. 

Microsoft  plans  to  offer  64-bit  versions  of 
several  of  its  applications  this  year  and 
next,  including  SQL  Server,  Exchange, 
Commerce  Server,  Microsoft  Operations 
Manager  and  Virtual  Server.  Today,  SQL 
Server  2000  is  the  only  Microsoft  applica¬ 
tion  offered  on  a  64-bit  platform. 

The  first  and  often-delayed  plunge  into 
64-bit  comes  next  month  with  the  release 
of  Windows  Server  2003  x64  Editions  and 
Windows  XP  Professional  x64  Edition. 
Microsoft  made  this  announcement  earl¬ 
ier  this  month  at  the  Intel  Developer’s 
Forum  conference. 

But  the  64-bit  initiative  doesn’t  end  there. 
Microsoft  has  been  briefing  partners  and 
developers  during  its  Route64  Training 
Tour  on  its  future  plans  for  its  applications 
on  AMD64  and  Intel’s  EM64T  processors, 
so-called  X64  platforms. 

According  to  slides  presented  to  devel¬ 
opers  in  February  Microsoft  has  at  least  12 
products  slated  for  64-bit  versions  over  the 
next  21  months. 

“The  information  in  the  slides  is  incom¬ 
plete  and  is  in  the  process  of  being 
updated,  and  we  will  have  more  to  share 
at  the  end  of  April,”  a  Microsoft 


Bit  by  bit 

By  the  end  of  2006,  Microsoft 
plans  to  have  12  applications, 
its  developer  tools  and  two 
operating  systems  running  on 
64-bit  platforms. 


spokesperson  cautions. 

However,  the  slides  show  that  first  out  of 
the  gate  will  be  SQL  Server  2005,  code- 
named  Yukon,  which  will  have  both  x64 
and  Itanium  support,  and  Visual  Studio 
2005,  code-named  Whidbey  which  also  will 
support  both  sets  of  processors. 

In  the  third  quarter,  Microsoft  is  sched¬ 
uled  to  ship  Commerce  Server,  code- 
named  Golden  Eagle,  BizTalk  Server, code- 
named  Pathfinder,  and  Host  Integration 
Server  2005,  all  on  the  x64  platform  only. 
Sometime  in  the  second  half,  Microsoft  is 
set  to  release  an  x64  version  of  Virtual 
Server  2005  with  Service  Pack  1  of  that 
software,  and  for  Virtual  PC  2004  with  SP2. 
Also  later  this  year,  Microsoft  plans  to 
release  an  x64  and  Itanium  version  of 
Services  for  Unix,  an  integration  and 
migration  platform. 

Next  year,  Microsoft  is  scheduled  to 
release  a  version  of  Microsoft  Operations 
Manager,  code-named  Relentless,  for  both 


x64  and  Itanium. The  year  also  will  include 
x64  releases  of  Exchange  12,  Virtual  PC 
Server  Version  2,  code-named  Hedgehog, 
and  Virtual  Server  Version  2. 

Also  at  the  Intel  conference,  Microsoft 
didn’t  provide  details  on  its  64-bit  applica¬ 
tion  road  map,  but  Jim  Allchin,  group  vice 
president  for  platforms,  said  the  company 
is  “locked  on  to  64-bit.” 

Microsoft  already  has  support  for  Intel’s 
Itanium  64-bit  processor  on  the  Enterprise 
and  Datacenter  versions  of  Win  2003  and 
SQL  Server  2000,  but  the  advent  of  32-bit 
processors  with  64-bit  extensions  from 
both  Advanced  Micro  Devices  and  Intel 
finally  are  motivating  Microsoft  to  play 
catch-up  with  Unix  and  Linux  platforms 
that  have  had  64-bit  support  for  years. 

“Microsoft  has  been  waiting  for  64-bit  to 
become  a  high-volume  hardware  plat¬ 
form  before  making  a  commitment,”  says 
Dan  Kusnetzky,  program  director  for  oper¬ 
ating  environments  and  serverware  at 
IDC.  “With  64-bit  applications,  they  can 
better  compete  in  the  market  for  systems 
for  high  performance  and  computational 
applications.  Right  now,  when  you  talk 
about  super  computing,  you  seldom  hear 
anyone  talk  about  Windows.”  He  says  the 
new  x64  processors  mean  users  can  look 
at  migration  as  evolutionary  and  not  dis¬ 
ruptive.  “If  users  had  to  move  everything 
all  at  once  top  to  bottom,  they  would  resist 
a  change  like  that,”  he  says.B 
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Symantec  touts  back-up  mgmt  software 


■  BY  DENI  CONNOR 

Symantec  last  week  rolled  out  data-pro- 
tection  software  that  lets  IT  administrators 
monitor,  control  and  manage  all  back-up 
instances  in  their  enterprise-size  networks. 

Called  LiveState  Recovery  Manager  3.0, 
the  product  offers  a  consolidated  view  of 
enterprisewide  backups,  monitors  remote 
systems  from  a  central  console  and  verifies 
that  backups  have  been  successfully  com¬ 
pleted.  With  the  software,  IT  administrators 
also  can  automatically  deploy  back-up  ser¬ 
vices  and  create  policies  that  govern  the 
back-up  operations  that  take  place. 

LiveState  Recovery  Manager  is  new  — 
the  3.0  designation  simply  coincides  with 
the  company’s  LiveState  Recovery  3.0  data- 
protection  product,  which  lets  IT  adminis¬ 
trators  perform  disk-based  backups. 

With  LiveState  Recovery  Manager,  IT 
administrators  can  identify  how  many 
devices  are  enabled  for  recovery  how 
many  have  jobs  scheduled,  how  many 
have  missed  scheduled  jobs  and  how 
many  are  offline.The  incident  numbers  are 
displayed  graphically  and  links  are  provid¬ 
ed  that  help  resolve  identified  problems. 

Greg  Barry,  business  development  man¬ 
ager  for  the  Bower  Consulting  Group  in 
New  York,  has  been  beta-testing  LiveState 
Recovery  Manager  3.0. 


“The  software  centralizes  the  routine 
management  and  reporting  that  you  would 
have  to  have  done  manually  before,”  Barry 
says.“If  you  want  to  increase  the  frequency 
of  incremental  backups  across  a  group  of 
servers,  it’s  basically  a  one,  two,  three  click 
rather  than  150  clicks  to  set  it  up.” 

LiveState  Recovery  Manager  also  is 
linked  to  Symantec’s  pcAnywhere  remote- 
control  product.  PcAnywhere  lets  IT  ad¬ 
ministrators  remotely  control  and  manage 
servers  and  workstations.  The  product  also 
is  linked  to  the  Snap  Server  Manager  and 
lets  users  configure  archive  space  on  Snap 
server  appliances. 

The  LiveState  Recovery  products  came  to 
Symantec  through  its  acquisition  of  Fbwer- 
Quest  in  September  2003. 

The  product  competes  with  SysDM’s 
WysDM  for  Backups  and  Bocada’s  Backup 
Reporter.  Unlike  those  products,  which 
manage  backups  that  have  been  made 
with  any  back-up  and  recovery  software, 
Symantec’s  software  works  only  with  its 
own  LiveState  Recovery  package.  But  Boc¬ 
ada’s  and  SysDM’s  products  are  static  re¬ 
porting  tools  —  they  don’t  let  administra¬ 
tors  initiate  backups  or  other  operations. 

LiveState  Recovery  Manager  is  expected 
to  be  available  next  month  starting  at  $341 
for  the  advanced  server  and  roughly  $20 
for  each  desktop  backed  up.  ■ 


Live  look  from  Symantec 

LiveState  Recovery  Manager  shows  the  number  of  successful  backups, 
those  that  failed  and  the  number  of  errors  on  a  certain  date. 
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continued  from  page  21 

see  a  blurring  between  the  enterprise  and  the  con¬ 
sumer  markets.  We’ll  take  a  company  that’s  been 
defined  as  a  hardware  company  and  begin  emphasiz¬ 
ing  new  software  architectures  first  for  the  enterprise 
space,  and  then  extend  these  into  the  consumer  space. 

And  what  do  you  mean  by  new  software  architectures? 

The  real  value  of  thin-client  computing,  if  you  talk  to 
large-company  CIOs,  is  not  in  the  [thin-client]  device 
itself. Their  question  is, ‘How  can  I  build  an  architecture 
that  lets  me  decide  where  [on  my  network]  the  pro¬ 
cessing  occurs?’  For  example,  a  customer  may  choose 
to  have  everything  run  centrally  for  a  highly  secure 
application.  But  for  another  application,  he  may  want  to 
run  part  of  the  application  on  the  edge  device,  but  not 
allow  any  data  to  reside  there. 

Implementing  this  kind  of  flexible  architecture 
requires  the  ability  to  dynamically  shift  application  frag¬ 
ments  back  and  forth  between  the  server  and  the  end 
device.This  is  technology  that  doesn’t  exist  in  a  com¬ 
mercial  form  today  but  Wyse  will  be  bringing  it  to  mar¬ 
ket  in  the  next  two  quarters. 

And  this  is  real? 

We  already  have  some  customers.There  are  a  handful 
who  are  already  in  beta  test  on  this  technology 


Why  is  this  flexibility  such  a  big  deal  to  these  customers? 

They  can  rationalize  cost. You  can  start  making  deci¬ 
sions  about  the  right  kind  of  device  for  a  particular 
kind  of  user. Traditionally  people  tended  to  buy  PCs  in 
lieu  of  thin  clients  because  they  thought, ‘You  can  do  so 
much  more  with  a  PC  instead  of  a  thin  client,  so  why 
not  just  get  it, and  then  add  Citrix  if  you  wanted  a  net¬ 
work-centric  model?’ 

So  why  not? 

But  they  found  that  the  cost  of  managing  those  PCs 
is  excessive. The  total  cost  of  ownership  is  40%  to  60% 
higher  for  a  PC  vs.  a  thin  client  for  any  particular  appli¬ 
cation  type.  Companies  want  to  provide  the  most  opti¬ 
mal  solution  for  their  end  users.  One  solution  may  be 
having  an  active  browser  on  a  thin  client.  But  for 
another,  you  might  want  to  block  the  browser  and 
access  a  centrally  managed  application.  Companies 
want  to  be  able  to  make  that  choice  for  each  user  or 
application  type. 

What  does  all  this  mean  for  the  end-user  device? 

The  Wyse  thin  clients  have  addressable,  flat  memory 
The  question  is  how  do  you  use  this?  Today  you  use  it 
to  store  the  presentation  subsystem.  What  we’re  pushing 
toward  is  making  this  addressable  space  able  to  host 
entire  applications  or  parts  of  applications  and  switch 
those  parts  or  fragments  in  and  out  of  addressable 
memory  on  demand. These  will  be  devices  and  soft¬ 
ware  that  can  self-modify  based  on  the  particular  needs 
of  a  user  or  an  application. 


What  does  'self-modifying'  mean? 

We  usually  think  of  the  end  device  today  as  having  an 
inherent  identity:  When  it’s  turned  on  it  ‘gathers  up’  this 
identity  locally,  by  booting  Windows  XP  or  whatever. 
This  identity  is  fixed  with  the  device:  It’s  always  an  XP 
device.  But  if  you  remove  that  assumption  so  that  any 
time  the  device  is  turned  on  it  becomes  whatever  the 
network  told  it  to  become,  in  terms  of  the  operating 
environment  and  applications,  it  would  be  a  true  utility 
networking  device. 

All  you  really  need  is  a  flat,  addressable  memory 
space,  the  kind  of  memory  you  can  buy  at  CompUSA, 
and  be  able  to  move  stuff  in  and  out  of  it.  And  let  the 
network  do  all  the  heavy  lifting. 

So  as  long  as  I  have  a  box  with  a  display  screen  and  address¬ 
able  memory,  I  can  use  it  as  the  equivalent  of  an  iPod  or  a  cell 
phone  or  whatever? 

Bingo.  Or  as  a  cash  registers  radio  frequency  ID 
reader,  an  intelligent  gas  pump,  whatever. 

Who's  going  to  buy  your  stuff? 

In  the  enterprise  space,  we’ll  provide  devices  and 
software  for  this  new  model.  In  the  consumer  space, 
we  see  a  whole  new  economy:  The  carriers  are  quite 
interested  in  being  able  to  use  multipurpose  devices 
to  provide  applications  and  services  to  their  sub¬ 
scribers.  Most  of  the  carriers  subsidize  these  devices.  If 
those  devices  can  be  made  to  do  more,  the  carrier  is 
in  a  strong  position.  So,  if  we’re  right,  the  answer  to 
your  question  is,'You  will.’  ■ 
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Find  out  with  WorldBench™5,  the  industry  standard 
benchmark  for  testing  PC  performance. 

•  Automated  and  Bulletproof 

Runs  completely  on  its  own  from  start  to  finish. 

•  Results  You  Can  Use 

Provides  real-world  results,  not  a  synthetic  score. 

•  Apples  to  Apples 

Combines  results  and  compares  them  to  the 
reference  system. 


WorldBench  5  uses  real  applications  based  on  mass-market 
appeal,  stability,  market  share,  and  variety: 


•  ACDSee  PowerPack 

•  Adobe*  Photoshop" 

•  Adobe  Premiere* 

•  Discreet*  3ds  max®  5.1 

•  Microsoft®  Office™  XP 

•  Microsoft  Windows 
Media*  Encoder 


•  Mozilla 

•  Musicmatch1'  Jukebox 

•  Nero?  Express 

•  Roxio  VideoWave3  Movie 
Creator™ 

•  WinZip* 


WorldBench  5,  the  industrial-strength  benchmarking  tool  that 
the  PC  World  Test  Center  uses  to  analyze  desktop  and  laptop 
PCs,  is  now  available  for  purchase. 

ONLY  $249!* 


THE  REAL-WORi.D  SYSTEM  BENCHMARK 


' 


Go  to  www.worldbench.com/nww  and  order  today! 

Your  system  will  thank  you. 
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Offshoring  closer  to  home 


Nearshoring 

Instead  of  going  the  offshore  route,  companies  are  looking  at  service 
providers  closer  to  home.  The  pros  and  cons  of  so-called  “nearshoring”: 

Pros 

Cons 

A  penny  saved:  Wages  outside  of  the  U.S. 
are  lower,  translating  to  lower  contract  costs. 

A  penny  earned:  While  wages  are  lower, 
they  aren't  as  low  as  you'll  find  offshore  in 
places  such  as  India  and  Eastern  Europe. 

Feeling  secure:  Compared  with  India, 
Canada  and  Mexico  are  only  a  hop  away. 

Limited  labor  pool:  Nearshore  locations 
are  getting  established,  but  they  can’t  yet 
scale  up  as  quickly  as  places  such  as  India. 

Timing:  In  North  America,  your  outsourcer 
will  keep  the  same  relative  hours,  unlike  in 
India  where  it’ll  work  while  you’re  asleep. 

A  day’s  work:  Because  time  zones  aren’t  as 
drastic,  nearshoring  won’t  give  you  the  round- 
the-clock  type  of  support  you’ll  get  with 
offshore  locations  such  as  India. 

■  Cendura  last  week  announced  Co¬ 
hesion  3.5,  the  latest  version  of  its 
configuration  management  suite.  It 
includes  features  that  let  users  discov¬ 
er  application  components  and  map 
the  relations  between  them  and  the 
network  infrastructure.  With  a  new 
software  module,  called  Dependency 
Visualization,  the  company  also  added 
the  ability  to  discover  servers,  applica¬ 
tions  and  services  including  software 
components  such  as  databases,  appli¬ 
cation  and  Web  server  and  network 
devices.  Cohesion  software  collects 
data  from  servers  supporting  applica¬ 
tions  across  a  network  and  uses  blue¬ 
prints  of  popular  applications  such  as 
PeopleSoft  and  Web  servers  such  as 
Apache  to  compare  customer  config¬ 
uration  against  an  ideal  setup. 
Scheduled  to  be  available  next  month, 
Cohesion  3.5  costs  about  $150,000. 

■  OpSWare  last  week  announced 
Network  Automation  System  4.0, 

software  that  discovers  network  de¬ 
vice  configurations.  The  software 
works  with  Opsware’s  Server  Auto¬ 
mation  System,  which  collects  data 
on  servers  and  the  applications  run¬ 
ning  on  them.  Together,  the  programs 
can  provide  a  view  of  underlying  serv¬ 
ers,  applications,  software  infrastruc¬ 
ture,  network  devices  and  all  their  in¬ 
terdependencies,  the  company  says. 
NAS  4.0  is  scheduled  to  be  available 
March  21,  and  pricing  starts  at 
$20,000  for  50  nodes. 

■  MR0  Software  recently  unveiled  a 
suite  of  products  it  says  will  help  cus¬ 
tomers  identify  and  align  IT  assets 
with  IT  services.  Maximo  Enter¬ 
prise  Suite  combines  asset  and  ser¬ 
vice  management  with  help  desk  cap¬ 
abilities,  all  of  which  are  based  on  the 
Information  Technology  Infrastructure 
Library.  The  grouping  of  these  tech¬ 
nologies  are  designed  to  help  users 
tackle  multiple  problems,  such  as 
license  management  and  service  desk 
incidents,  with  one  product,  the  com¬ 
pany  says.  The  software  is  set  to  ship 
March  31.  For  an  entry-level  deploy¬ 
ment,  it  costs  about  $60,000  when  pur¬ 
chasing  MXES  in  full. 


■  BY  JENNIFER  MEARS 

Mobil  Travel  Guide  was  looking  for  cost 
savings  when  it  decided  to  outsource  its 
call  center  operations,  but  offshoring  was¬ 
n’t  an  option.  The  company  needed  work¬ 
ers  with  good  knowledge  of  U.S.  geography 
and  that  wasn’t  readily  available  in  India. 

Mobil  Travel  Guide  found  that  expertise 
in  Canada. 

“It  turns  out  Canadians  do  a  better  job 
teaching  U.S.  geography  than  we  do,”  says 
Paul  Mercurio,  former  CIO  of  Mobil  Travel 
Guide  in  Park  Ridge,  Ill.,  who  is  now  chief 
marketing  officer  of  GuestClick,  a  Bonita 
Springs,  Fla.,  firm  that  provides  Web-based 
software  to  companies  such  as  Coca-Cola 
and  Best  Western. 

“If  somebody  wants  a  hotel  in  Oklahoma 
City  they  don’t  have  to  go  look  it  up  in  a 
database  to  find  out  if  Oklahoma  City  is  in 
the  United  States,”  he  says. 

Increasingly  corporations  are  looking  to 
the  north  —  and  south  to  Mexico  —  for 
lower-cost  alternatives  to  domestic  out- 
sourcing.Those  areas  don’t  provide  the  cost 
savings  available  in  faraway  destinations 
such  as  India,  where  wage  rates  can  be  as 
low  as  one-tenth  of  what  American  IT  work¬ 
ers  earn,  but  they  do  provide  cost  benefits 
compared  with  US.-based  outsourcers. 

Consulting  firm  KPMG  last  year  stated  in 
its  Competitive  Alternatives  report,  which 


■  BY  ANN  BEDNARZ 

After  working  in  stealth  mode  for  five 
years,  Patrick  Grady  recently  took  the  wraps 
off  his  company’s  efforts  to  build  an  e-com- 
merce  platform  that  supports  a  range  of 
services  users  can  tap  into  on  an  as-need¬ 
ed  basis.  The  first  of  the  hosted  applica¬ 
tions,  available  from  the  newly  minted 
Rearden  Commerce,  provides  one  console 
for  coordinating  business  services  procure¬ 
ment  such  as  booking  flights  or  shipping 
packages. 

“There  will  be  an  entire  suite  of  applica¬ 
tions  for  on-demand  commerce,  initially 
geared  around  employee  services  procure¬ 
ment  —  like  travel  and  shipping  packages,” 
says  Grady  founder  and  CEO  of  the  com¬ 
pany  formerly  known  as  Talaris.  “Next  up 
will  be  things  like  temporary  labor  ser¬ 
vices,  contract  labor  services  and  out- 


compares  business  costs  in  North  America, 
Europe  and  Asia  pacific,  that  a  110-person 
software  firm  would  have  annual  costs  of 
less  than  $8  million  in  Halifax,  Nova  Scotia. 
The  costs  in  Boston  and  New  York  topped 
$10  million  and  $11  million,  respectively 
Those  kinds  of  savings  are  passed  on  to 
companies  contracting  for  software  sup¬ 
port.  So  organizations  going  to  Canada 
could  see  15%  to  20%  cost  savings,  com¬ 
pared  with  outsourcing  IT  domestically 
while  Mexico  offers  costs  as  low  as  one- 
third  of  what  a  company  would  spend  on¬ 
shore,  says  Atul  Vashistha,  CEO  of  offshore 


sourced  manufacturing  services.” 

Inefficiencies  traditionally  plague  ser¬ 
vices  procurement.  Rearden’s  goal  is  to 
curb  maverick  spending  by  keeping  users’ 
services  requests  in  line  with  corporate 
policies.  Moving  services  procurement  to 
an  online  environment  can  reduce  operat¬ 
ing  costs  for  companies,  make  life  easier 
for  employees  and  help  suppliers  optimize 
inventory  Grady  says. 

The  foundation  for  Rearden’s  offerings  is 
a  commerce  platform  built  as  a  service-ori¬ 
ented  architecture.  Web  services  provide 
real-time  access  to  information  such  as  the 
availability  of  airline  seats.  A  system  of  re¬ 
usable  application  components  is  design¬ 
ed  to  let  Rearden  easily  add  new  compos¬ 
ite  applications  atop  the  platform. 

The  platform  has  three  major 
components: 

•  Services  Assistant,  an  end-user  interface 


consulting  firm  NeolT. 

Domestic  service  providers  recognize  the 
savings.  Firms  such  as  Keane  and  Compu- 
ware  have  set  up  nearshore  locations  in 
Canada.  Big  players  such  as  CGI,  Electronic 
Data  Systems  and  IBM  also  have  nearshore 
operations. 

Nearshoring,  outsourcing  work  to  service 
providers  in  neighboring  countries,  isn’t  a 
new  idea,  but  analyst  say  the  concept  has 
attracted  more  attention  in  the  last  year  or 
so  because  it  is  seen  as  less  risky  —  and 
less  politically  charged  —  than  sending 
See  Nearshoring,  page  26 


services 

companies  can  customize  according  to  an 
employee’s  role  and  access  privileges.  Via 
the  Services  Assistant,  users  can  schedule, 
purchase  and  track  services  requests. 

•  Services  Console,  which  gives  procure¬ 
ment  managers  and  IT  staff  tools  to  estab¬ 
lish  employee  spending  policies,  add  and 
manage  suppliers,  and  analyze  overall  ser¬ 
vices  procurement  trends. 

•  Services  Grid, an  XML-based  integration 
application  that  links  end  users  to  the 
available  network  of  suppliers. 

The  company’s  first  application,  Employ¬ 
ee  Business  Services  (EBS),  automates  the 
scheduling,  purchasing  and  management 
of  common  employee  services  such  as 
travel,  package  shipping,  audio  and  Web 
conferencing,  and  dining.  It  provides 
access  to  80,000  hotel  properties,  530  air¬ 
line  carriers,  50,000  restaurants  and  global 
See  Rearden,  page  26 
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At  first  it  looked  like  the  FCC  did  a 
good  thing  for  the  Internet  the  other 
day  but  after  thinking  about  it  for  a 
while,  I’m  not  at  all  clear  that  the  action 
was  as  big  a  deal  as  it  seemed  to  be. 

A  while  back  VoIP  service  provider 
Vonage  complained  to  the  FCC  that  Madi¬ 
son  River  Communications,  a  small,  rural 
North  Carolina  telephone  company  oper¬ 
ating  also  as  an  ISP  had  inserted  filters  into 
its  ISP  network  to  block  VoIP  traffic.  This 
meant  that  it  was  impossible  for  Vonage  to 
offer  VoIP  service  to  customers  of  Madison 
River’s  Internet  service. 

The  FCC  investigated  and  discussed  the 
accusations  with  Madison  River,  and  the 
ISP  quickly  agreed  to  a  consent  decree. 


Unblocking  pipes 


Under  the  agreement  (www.nwfusion. 
com,  DocFinder:  6226),  Madison  River 
pledged  not  to  block  VoIP  traffic  for  at  least 
30  months  and  to  make  a  “voluntary  pay¬ 
ment”  of  $15,000  to  the  FCC  “in  considera¬ 
tion  for  the  termination”  of  the  investiga¬ 
tion  ofVonage’s  accusations.  The  decree  is 
backed  up  by  an  FCC  order  (DocFinder: 
6227).  Outgoing  FCC  Chairman  Michael 
Powell  issued  a  statement  that  patted  the 
FCC  on  the  back  for  its  quick  action 
(DocFinder:  6228). 

The  consent  decree  notes  that  the  inves¬ 
tigation  into  Madison  River  explored  its 
compliance  with  Section  201(b)  of  the 
Communications  Act  of  1934,  as  amended 
(DocFinder:  6229).  But  the  decree  does  not 
provide  any  legal  finding  that  Madison 
River  actually  had  violated  the  act.  In  other 
words,  Madison  River  signed  the  paper  and 
paid  the  money  to  get  the  FCC  off  its  back, 
but  no  court  has  determined  that  Madison 
River  did  anything  illegal. 

At  first  it  looked  very  good  that  the  FCC 


had  stepped  in  to  stop  an  ISP  from  block¬ 
ing  the  ability  of  its  customers  to  purchase 
Internet-based  services  from  whomever 
they  wanted.  But  a  closer  reading  finds  a 
number  of  problems  that  removes  most  of 
the  joy  The  first  problem  already  has  been 
mentioned:  There  is  no  legal  finding  that 
blocking  VoIP  is  wrong  —  that  means  a  bet¬ 
ter-funded  provider  (and  one  that  was  not 
in  the  middle  of  an  IPO)  might  just  go 
ahead  and  test  the  precedent. 

The  second  problem  is  that  the  resolu¬ 
tion  is  VoIP-specific  —  the  only  thing  that 
Madison  River  agreed  not  to  block  is  VoIP 
Under  this  consent  decree,  it  can  block 
anything  else. This  is  nothing  like  the  basic 
open  pipes  concept  that  people  such  as 
Stanford  Professor  Larry  Lessig  have 
pushed  FCC  to  support  (DocFinder:  6230). 

The  third  problem  is  that  the  decree  is  of 
a  limited  duration.  Madison  River  can  start 
blocking  again  in  30  months.  The  fourth 
problem  is  that  the  act  that  the  FCC 
referred  to  might  not  cover  ISPs  that  are  not 


part  of  a  telephone  company  Thus,  non¬ 
telephone-company-based  ISPs  might  be 
able  to  block  specific  applications  at  will 
under  current  laws 

Many  providers  already  are  doing  so 
under  the  excuse  of  blocking  spam.  Maybe 
both  sides  in  this  case  did  not  want  to 
know  if  the  FCC  actually  has  the  authority 
to  force  open  pipes  in  all  ISPs  —  Madison 
River  because  the  answer  might  be  yes  and 
the  FCC  because  the  answer  easily  could 
be  no.  It  is  still  better  that  the  FCC  got  some¬ 
one  to  stop  blocking  in  one  specific  case 
than  having  the  FCC  formally  conclude 
that  partially  open  Internet  pipes  are  OK. 

Disclaimer:  Figuring  out  when  it’s  best  to 
actually  answer  a  question  is  something 
that  I  hope  is  taught  at  both  the  Harvard 
law  and  business  schools,  but  I  did  not 
check,  and  the  above  case  study  is  my  own. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


the  cost  of  traditional  domestic  outsourcers. 

The  company  which  plans  to  open  50  . 
offices  across  the  country  says  it  can  cut 
outsourcing  costs  by  as  much  as  50%  com¬ 
pared  with  domestic  IT  service  providers. 

“The  response  has  been  incredible,”  says 
Kathy  Brittain  White,  a  former  IT  executive 
who  launched  Rural  Sourcing  in  2004. 
“We’ve  already  had  face-to-face  meetings 
with  20  of  the  top  200  companies.” 

The  company  offers  application  devel¬ 
opment,  Internet  development  and  data¬ 


base  development  services.  Brittain  White 
says  clients  also  are  looking  for  support 
for  traditional  legacy  skills  such  as  COBOL 
programming. 

“We’re  not  doing  that  at  the  moment,  but 
we  may  very  soon,”  she  says.“When  we  do 
we’ll  look  at  the  pool  of  talent  that  has 
been  outsourced  in  America,  the  45-  to  55- 
year-olds  that  were  doing  COBOL  and 
mainframe,  a  lot  of  that  has  gone  offshore, 
and  there  is  a  pool  of  very  talented  people 
that  is  available.”  ■ 


■  PROFILE: 

REARDEN  COMMERCE 

Location: 

San  Mateo,  Calif. 

Founded: 

Officially  launched  in  February  after  operating  in  stealth  mode  as 
Talaris  since  2000. 

Product: 

Hosted  services  procurement  application. 

Management: 

Patrick  Grady,  founder  and  CEO;  Corey  Billington,  vice  president  of 
supply  chain  and  procurement  strategy;  Tony  D’Astolfo,  vice  president 
of  travel  services. 

Finances: 

$42  million  from  private  and  institutional  investors  including  Charter 
Venture  Group,  Foundation  Capital  and  Empire  Capital  Partners. 

Customers: 

CingularWireless,  Genesys,  JDS  Uniphase,  Motorola,  Warner  Music 
and  Whirlpool. 

Nearshoring 

continued  from  page  25 

jobs  overseas  to  places  such  as  India  and 
the  Philippines. 

Analysts  say  nearshoring  should  be  part  of 
any  corporation’s  global  sourcing  strategy 
which  pushes  out  projects  to  domestic  out¬ 
sourcers,  offshore  providers  and  nearshore 
locations  according  to  business  demands. 

“Nearshore  has  a  role  to  play  for  a  com¬ 
pany  in  its  ongoing  outsourcing  portfolio. 
Things  that  are  more  risky,  things  where  you 
want  a  lot  of  control  are  likely  to  end  up  in 
Canada,”  Vashistha  says.  “So  you  may  take 
application  support  and  maintenance  off¬ 
shore,  whereas  you  may  take  application 
implementation  and  keep  it  onshore.  You 
may  take  remote  network  monitoring  off¬ 
shore,  but  you  most  likely  won’t  take  data 
centers  offshore,  though  you  may  take 
them  nearshore  to  Canada.” 

The  trend  of  nearshoring  is  growing,  says 
David  Tapper,  program  manager  of  IT  out¬ 
sourcing  and  utility  services  and  global  off¬ 
shore  services  at  IDC. 

“I  can’t  tell  you  how  fast  because  it’s  all 
bundled  in  the  concept  of  offshore,”  he 
says,  pegging  the  offshore  market  for  U.S. 
firms  at  $6.9  billion  today  with  a  nearly  20% 
annual  growth  rate  through  2008,  when  it 
will  be  about  a  $  17-billion  market.  “Cus¬ 
tomers  will  go  anywhere:  Canada,  Brazil, 
Mexico. You  name  it.” 

Mobil  Travel  Guide  now  has  its  hotel 
reservations  business  handled  by  a  call 
center  in  New  Brunswick,  which  is  operat¬ 
ed  by  Virtual-Agent  Services  in  Chicago. 

By  going  to  Canada,  Mobil  Travel  Guide 
found  a  highly  stable  workforce  compared 
with  call  centers  in  the  U.S.,  where  turnover 
is  typically  higher,  Mercurio  says.  In  addi¬ 
tion,  it  didn’t  have  to  deal  with  time  zone 
issues,  language  barriers  and  cultural  dif¬ 
ferences,  which  IDC  says  are  the  three 
biggest  hurdles  facing  companies  using  off¬ 


shore  service  providers. 

“The  advantage  is  not  just  about  being 
able  to  speak  the  language,”  Mercurio  says. 
“It’s  about  being  able  to  relate  to  the  cul¬ 
ture,  and  it’s  about  being  able  to  under¬ 
stand  the  dialect  and  what  words  mean. . . . 
Also,  they’re  in  the  same  relative  time  zone, 
which  means  they’re  not  working  at  three 
in  the  morning  during  our  prime  time." 

Those  factors  and  geographical  proximity 
are  particularly  important  when  critical  IT 
projects  are  at  stake,  analysts  say 

Nova  Scotia  Business  was  formed  about 
three  years  ago  to  promote  that  province, 
just  hours  from  IT  hubs  in  New  York  and 
Boston,  as  a  prime  alternative  for  compa¬ 
nies  eager  for  lower-cost  IT  talent,  but  wary 
of  heading  overseas. 

“We  have  2,200  IT  grads  a  year  and  the 
largest  computer  science  school  in 
Canada,”  says  Stephen  Lund,  CEO  of  Nova 
Scotia  Business. 

While  about  90%  of  the  outsourced  work 
in  Nova  Scotia  was  call-center-related 
about  three  years  ago,  Lund  says  about  80% 
now  is  more  IT-focused. 

Wayne  Branham,  president  and  CEO  at  IT 
research  and  consulting  firm  Branham 
Group  in  Ontario,  agrees  that  demand  for 
nearshore  providers  in  Canada  is  growing. 

“More  companies  are  looking  at  Canada 
for  a  variety  of  reasons,”  he  says.  “There  are 
components  of  an  outsourcing  job  that  are 
conducive  to  utilizing  Indian  capabilities, 
but  when  it  gets  to  a  project  that  requires 
more  regular  project  management  and 
something  that  requires  a  product  that’s 
being  delivered  in  close  geographic  prox¬ 
imity  in  that  case  Canada  —  and  Nova  Scot¬ 
ia,  specifically  —  are  heavily  considered.” 

End  users  also  are  starting  to  look  for  low- 
cost  outsourcing  options  even  closer  to 
home.  Rural  Sourcing  is  setting  up  opera¬ 
tions  in  rural  areas  in  the  U.S.  such  as 
Jonesboro,  Ark.,  and  Greenville,  N.C.,  to  pro¬ 
vide  outsourced  IT  support  at  a  fraction  of 


Rearden 

continued  from  page  25 

package  shipment  companies. 

The  quest  for  a  viable  business-tobusi- 
ness  marketplace  is  an  effort  that  other  ven¬ 
dors  have  pursued.  Microsoft’s  abandoned 
Hailstorm  and  Passport  initiatives,  for  ex¬ 
ample,  were  intended  to  link  subscribing 
users  and  service  providers. 

Grady  a  former  venture  capitalist,  says 
Rearden  will  succeed  where  others  have 
failed  because  of  its  hardware-  and  soft¬ 
ware-agnostic  platform,  and  the  broad  in¬ 
dustry  appeal  of  EBS.To  help  tip  the  scales 


in  his  favor,  Grady  drew  Rearden’s  execu¬ 
tive  team  from  sources  including  Ariba, 
Salesforce.com  and  Siebel  Systems.  He 
also  recruited  business  and  technical  ad¬ 
visers  including  Adam  Bosworth.vice  pres¬ 
ident  of  engineering  at  Google,  and  Larry 
Cable,  chief  Web  services  architect  at  Sun. 

Customers  that  have  signed  up  to  deploy 
EBS  —  which  lists  at  $1  million  for  large 
enterprise  deployments  of  Services  Co¬ 
nsole,  plus  $10  per  user,  per  month,  for 
Services  Assistant  —  include  Cingular 
Wireless,  Motorola  and  Whirlpool.  Grady 
and  company  also  have  inked  a  reseller 
deal  with  HP  ■ 


Keep  your  network  safe  from 
dynamic  threats  with  Gateway 
Anti-Virus,  Anti-Spyware  and 
Intrusion  Prevention  from 


SonicWALL. 


It's  8am.  Guess  how  many  attacks  hit  your  network  last  night. 


Trust  us,  it's  an  unbelievable  number. 
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APPLICATION  SERVICES:  Contact  center  management. 


Oorrelating  customer  service  with  IT  intelligence 


■  BY  DENISE  DUBIE 

Paul  Courneya  used  to  manually  collect  network, 
infrastructure  and  application  data  to  determine 
why  his  contact  center  hit  a  glitch  in  terms  of  cus¬ 
tomer  service  expectations. 

The  senior  manager  of  telecom  support  at  Canadian 
Imperial  Bank  of  Commerce  (CIBC)  in  Toronto  says  he 
needed  to  augment  the  performance  monitoring  of  call 
center  applications,  such  as  automatic  call  distribution 
(ACD)  and  interactive  voice  response  (IVR).with  tools  to 
pinpoint  the  source  of  network  problems. 

“There  is  a  need  to  isolate  the  technology  impact  to  our 
customer  service  levels,”  Courneya  says.“We  needed  a 
way  to  eliminate  a  lot  of  troubleshooting  going  on  among 
a  lot  of  different  groups  to  get  to  the  root  of  a  perfor¬ 
mance  problem  from  the  IT  perspective.” 

Contact  center  applications  such  as  ACD,  IVR  and  cus¬ 
tomer  self-service  Web  portals  offer  IT  managers  the 
automation  needed  to  increase  operational  efficiencies 
and  speed  the  response  to  customer  calls  and  e-mail 
requests  in  support,  service  and  information  centers.  By 
routing  calls  to  the  most  qualified  agents,  ACD  and  IVR 
systems  can  improve  customer  service.  And  self-service 
options  let  customers  answer  their  query  themselves. 
Companies  typically  realize  a  20%  or  higher  reduction 
in  caller  abandonment  and  reductions  in  opt-outs  from 
the  IVR  for  live  assistance,  according  to  an  Apex  Re¬ 
search  study. 

The  goal  of  contact  center  management  products  from 
the  likes  of  Empirix,  FrontRange,  Optimus  Solutions, 
Ardence  and  Zultys  Technologies  is  to  ensure  the  special¬ 
ized  contact  center  applications  perform  up  to  preset  ser¬ 
vice  levels.Their  goal  is  also  to  relate  how  the  underlying 
IT  infrastructure  affects  customer  service  levels  in  call 
centers. 

Newer  technologies,  such  as  speech  self-service  plat¬ 
forms  from  companies  such  as  Aspect  Communications, 
Avaya,  Edify  Intervoice  and  Nortel,  and  products  built  to 
VoiceXML,SALT  and  other  standards,  are  designed  to 
help  companies  cut  costs  in  contact  centers. 

For  example,  integrating  call  routing  software  and  cus¬ 
tomer  databases  would  ensure  the  appropriate  customer 
information  is  delivered  to  a  caller  with  a  specific  user  ID. 
And  if  a  live  agent  mans  the  call,  the  appropriate  cus¬ 
tomer  data  would  ideally  be  automatically  accessed  and 
presented  on  the  agent’s  desktop  for  quick  access. 

“Our  customers’  biggest  concerns  with  call  handling  are 
call  length,  the  number  of  call  transfers  and  other  ele¬ 
ments  that  slow  down  the  client  getting  the  information 
he  or  she  needs  quickly  says  Frank  Moreno,  director  of 
product  marketing  at  Empirix. 

Monterio  Woodson,  director  of  enterprise  architecture  at 
systems  integrator  Optimus,  in  Silver  Springs,  Md.,says  his 
company  can  provide  real-time  alerts  when  pre-set  call 
thresholds  are  missed.“The  goal  is  faster  problem  identifi¬ 
cation,  and  to  provide  customer  service  faster,  better  and 
more  effectively  he  says. 

While  automation  and  intelligent-routing  technology 
help  speed  call  resolution,  customers  also  need  to  better 
understand  and  measure  how  their  IT  infrastructure 
affects  customer  service  levels  to  speed  contact  center 
problem  resolution. 
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Contact  center  choices 

With  numerous  options  for  customers  available 
today,  IT  managers  must  tackle  multiple 
technologies  to  ensure  contact  centers 
perform  up  to  snuff  —  which  means  getting 
the  accurate  data  in  front  of  the  appropriate 
agent  in  real  time. 


Telephone:  Traditional  call  centers 
required  agents  man  phone  lines  and 
respond  to  live  customer  requests. 


E-mail:  Phone  agents  are  upping 
their  skills  by  responding  to  e-mail 
requests  when  phone  lines  are  inactive. 


Web  request:  Contact  center 
agents  also  man  live  chats  via  their 
company’s  Web  sites,  guiding  customers 
to  the  proper  information. 


Self-service:  Customers  can  change 
account  information,  check  on  order  status 
and  address  low-level  problems,  such  as 
checking  on  shipping  status,  via  Web  portals. 
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Constant  demand 

“Contact  centers  are  under  constant  demand  to  con¬ 
trol  and  reduce  operational  costs.  This  forces  companies 
to  carefully  review  existing  processes,  locations  of  centers 
and  necessary  head  counts  to  find  areas  where  there  is 
potential  for  improved  efficiency  says  Elizabeth  Herrell.a 
vice  president  at  Forrester  Research. 

Still,  it  seems  that  in  order  to  adequately  manage  con¬ 
tact  centers,  customers  will  have  to  cobble  together  multi¬ 
ple  products  and  rely  on  vendors  to  provide  integration 
capabilities. 

Courneya  uses  Empirix  Hammer  technology  included 
in  the  vendor’s  OneSight  product  to  detect  any  issues 
with  the  bank’s  IVR  applications.The  product  uses  hard¬ 
ware  and  software  that  work  together  to  generate  scripts 
and  simulate  customer  calls  into  CIBC’s  contact  center. 

“The  telecom  part  of  our  call  center  used  to  be  much 
more  of  an  island,  and  there  was  really  no  one  place  to 
see  the  entire  infrastructure,”  he  says.“We  had  to  manually 
collect  information  from  a  host  of  areas  to  really  under¬ 
stand  the  customer  experience  and  to  find  the  source  of 
problems.” 

Courneya  says  CIBC’s  ACD  and  IVR  systems  now  are 
integrated,  which  eliminated  the  manual  work  of  tracking 
down  problems.The  bank’s  IT  team  is  working  to  better 
integrate  HP’s  OpenView  network  management  software 
with  OneSight.  With  a  combination  of  Hammer,  OpenView 
and  a  Cisco  monitor,  Courneya  says  he  is  alerted  to  any 
network  problems  that  might  affect  customer  service. 

“We  have  technology  that  routes  our  calls  at  a  network 
level  so  we  can  see  if  there  is  anything  inhibiting  our  abil¬ 


ity  to  load  balance,  for  example,”  he  says.“We  have  a  lot  of 
OpenView  in  our  network,  too. That  helps  us  tie  infrastruc¬ 
ture  metrics  to  our  call  center  applications’  performance.” 

Streamlining  operations 

Increased  customer  interest  in  streamlining  contact 
center  operations  and  correlating  it  with  IT  performance 
has  many  vendors  clamoring  to  provide  answers.  IT  man¬ 
agement  heavyweights  such  as  Computer  Associates,  HP 
and  IBM  provide  products  to  monitor  calls;  gear  vendors 
such  as  Nortel  offer  products  to  give  customers  a  view 
into  center  performance;  and  customer  service  vendors 
such  as  Siebel  Systems  attempt  to  tackle  contact  center 
management,  as  well. 

Sprint, Verizon  and  other  service  providers  also  say  they 
promise  to  manage  call  centers  for  customers.  In  fact,  the 
two  separately  announced  last  year  that  by  mid-2005,  they 
would  make  available  hosted  application  services  to  sup¬ 
port  customer  call  center  agents. 

Another  Empirix  customer,  a  senior  systems  administra¬ 
tor  for  a  major  wireless  services  company  who  requested 
anonymity  says  managing  customer  service  in  his  com¬ 
pany’s  call  center  requires  much  more  than  collecting 
call  statistics.  He  says  contact  center  management  for  his 
staff  includes  server,  network  and  application  manage¬ 
ment  —  all  of  which  he  tackles  with  Empirix  products. 

“We  need  to  make  sure  we  can  monitor  our  network  as 
well  as  our  servers  that  support  the  network  as  well  as  the 
customer  service  applications,”  he  says.’The  components 
are  so  dependent  on  each  other  that  we  have  to  have 
each  piece  operating  in  a  perfect  state  for  our  customer 
service  to  be  as  high  as  possible.” 

This  user  says  his  team  worked  to  integrate  the  multiple 
tools  tracking  network,  server  and  application  metrics, 
and  bring  the  data  into  his  OneSight  console  to  get  a  pic¬ 
ture  of  the  entire  contact  center  infrastructure.  He  says 
the  integration  gave  his  staff  the  ability  to  understand  — 
even  if  it  didn’t  own  the  component  —  how  each  ele¬ 
ment  contributed  to  the  overall  customer  service  his 
company  delivered  to  clients. 

“We  now  know  how  all  these  pieces  are  connected  to 
performance  with  one  big  view  instead  of  a  fragmented 
look,”  he  says.  ■ 


More  online! 


Get  ready  now  to  assemble  the  key  technologies  in  seven  crucial 
management  areas:  secure  systems,  map  infrastructure,  maximize 
applications,  measure  performance,  automate  processes,  empower  users 
and  integrate  emerging  innovations?  Attend  a  special  Network  World  event 
for  network  managers. 
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DB2.  ONLY  THE  PERFORMANCE  IS  HIGH. 

DB2  has  done  it  again.  According  to  a  Market  Magic  Study, 
DB2  costs  “on  average  22%  less  than  Oracle.”1 

The  Transaction  Processing  Performance  Council  results 
show  that  DB2  and  eServer"'  p5-595  are  more  than  twice 
as  scalable  as  Oracle  Real  Application  Clusters,  making 
them  the  overwhelming  performance  and  scalability 
leader  forTPC-C.2  And  an  ITG  study  showed  overall  costs 
for  Oracle  Database  up  to  four  times  higher  than  DB2.3 

No  wonder  DB2  is  regarded  as  the  leading  database  built 
on  and  optimized  for  Linux!  UNIX®  and  Windows!  Like 
other  IBM  database  engine  products  such  as  Informix® 
and  Cloudscape';  DB2  is  part  of  an  innovative  family  of 
information  management  products  that  integrates  and 
can  actually  add  insight  to  your  data. 


it  takes  full  advantage  of  your  existing  heterogeneous 
and  open  environments,  while  its  leading-edge 
autonomic  computing  technology  means  increased 
reliability,  increased  programmer  productivity  and 
decreased  deployment  and  management  costs. 

One  more  thing:  Oracle  desupported  Oracle  Database  8i 
last  year,  meaning  potential  headaches,  higher  cost  or 
a  complete  migration  to  current  versions  of  Oracle. 
Fortunately,  IBM  offers  ongoing,  around-the-clock  service 
and  support  for  DB2. 

Why  not  move  up  to  middleware  that  makes  sense?  Now  you 
can  get  IBM  DB2  Universal  Database  or  Informix  by  taking 
advantage  of  our  extremely  compelling  trade-up  program. 
Visit  ibm.com/db2/swap  today  to  find  out  if  you  qualify. 
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IBM,  (he  IBM  logo,  DB2,  eServer,  Informix,  Cloudscape  and  the  On  Demand  logo  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United 
States  and  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other 
countries.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks 
of  others.  ©2005  IBM  Corporation.  All  rights  reserved.  "  Database  Comparative  Cost  of  Ownership,”  January  2003.  Market  Magic  Ltd.  ’All  referenced  results  are  current  as  of  12/14/04.  DB2 
UDB  v8.2  on  IBM  eServer  p5  595  (64-way  POWER5 1.9  GHz)  and  AIX  5.3L:  3,210,540  tpmC  @  S5.19/tpmC  available:  May  15.  2005.  vs.  Oracle  RAC  lOg  on  HP  Integrity  rx5670  Cluster  64P 
(16  X  4-way  Intel  Itanium2  6M  1.5GHz):  1.184.893  tpmC  @  S5.52/tpmC  available:  April  30,  2004;  TPC  Benchmark.  TPC-C,  tpmC  are  trademarks  of  the  Transaction  Processing  Performance 
Council.  For  further  TPC-related  information,  please  see  http://www.tpc.org/.  ’"IBM  Solutions  for  PeopleSoft  Deployment  in  Mid-sized  Businesses  Quantifying  the  New  Cost/Benefit  Equation." 
July  2003.  International  Technology  Group,  Los  Altos,  California. 


JUST  BECAUSE  THE  SYSTEM  DOWN 
DOESN’T  MEAN  T  H  [  PEOPLE  USW  G  IT  H  IUL  BE 


Constant,  uninterrupted  access  to  critical  data,  systems  and  people,  Even  when  something  goes  wrong,  That's  Information  Availability.  And  one  of 
the  best  ways  to  virtually  guarantee  Information  Availability  is  by  running  your  production  systems  out  of  our  facilities.  You  manage  your  applications 
and  data  while  SunGard  Availability  Services  helps  to  ensure  that  the  infrastructure  and  technical  support  you  need  is  always  on,  SunGard  can 
offer  a  secure  and  scalable  environment  at  a  lower  operational  cost  for  production.  Plus  we  have  over  60  state-of-the-art  hardened  facilities  with 
network,  power  and  equipment  redundancies  that  are  unparalleled.  For  a  free  copy  of  the  IDC  SUNGARD 
White  Paper:  “Ensuring  Information  Availability”  visit  www.availability.sungai  :om/idcwp.  Availability  Services 


and  Information 
Connected . 


Jj  1 1  IP  ••  •*'  ‘  ^  1 

Vk  0 

JSr 

■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE 


Contract  negotiations 
for  uncertain  times 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


By  the  time  you  read  this,  MCI  could 
be  part  of  Qwest.  Or  was  that  Verizon? 
And  SBC  and  AT&T  might  merge 
(ditto  Sprint  and  Nextel)  —  unless  they 
don’t.  We  pundits  can  opine,  but  the  only 
thing  network  managers  can  be  sure  of  for 
the  next  several  months  is  uncertainty 
Unfortunately  telecommunications  does¬ 
n’t  stop  while  carriers  sort  themselves  out. 
End  users  have  an  annoying  habit  of  want¬ 
ing  their  services  to  run  smoothly  despite 
external  events.  That  means  managers 
need  to  negotiate  contracts  that  can  with¬ 
stand  market  turmoil.  Key  tactics: 

•  Don’t  forget  the  “MAD  clause.”  Regular 
readers  of  this  column  know  to  include  a 
“mergers-acquisitions-divestitures”  clause 
that  entitles  them  to  review  their  contracts 
—  and  importantly  exit  without  penalty  — 
in  the  event  that  the  company  is  acquired 


■  Entrisphere  recently  unveiled  an 
access  product  for  carriers  that  inte¬ 
grates  several  access  network  service 
and  transport  functions  on  a  single 
platform.  The  company's  Broadband 
Loop  Multiplexer  1500  integrates 
passive  optical  networking,  optical  line 
termination,  next-generation  digital 
loop  carrier  and  DSL  access  multi¬ 
plexer,  packet  voice  gateway,  and  IP 
and  analog  video  with  SONET  and  IP 
transport.  It  is  designed  to  let  carriers 
deliver  a  range  of  circuit-  and  packet- 
based  voice,  video  or  data  applications 
via  fiber  or  copper  infrastructure, 
while  migrating  their  access  networks 
to  a  simpler  and  less  costly  architec¬ 
ture.  Pricing  was  not  disclosed. 


or  divests  itself  of  a  significant  fraction  of  its 
holdings.  The  same  rules  should  apply  to 
your  service  providers.  If  your  carrier  is 
acquired, you  should  have  the  right  to  rene¬ 
gotiate. 

•  Include  well-defined  SLAs.  Service-level 
agreements  should  cover  the  time 
required  to  provision  circuits  and  services; 
performance,  including  end-to-end  latency 
uptime  and  availability;  response  times  for 
problems  and  outages,  which  might  be 
tiered  according  to  the  criticality  of  affect¬ 
ed  sites;  and  escalation  policies  and  proce¬ 
dures  that  describe  how  complaints  will  be 
handled.  Performance  and  provisioning 
parameters  should  be  defined  as  averages 
for  all  circuits  in  the  network  as  well  as  the 
maximum  for  any  one  circuit  —  with 
penalties  for  failing  to  meet  each. 

•  Maintain  control  over  the  support  staff. 
One  consequence  of  looming  mergers  is 
an  upswing  in  “churn”  among  telco 
employees.  A  sales  rep  you  know  and  love 
today  might  be  out  on  the  street  next  week 
—  leaving  your  account  in  the  hands  of 
someone  who’s  more  interested  in  polish¬ 
ing  his  r&ume  than  taking  care  of  you.  A 
good  way  to  protect  yourself  is  to  mandate 
that  you  have  “approval  rights”  to  key  indi¬ 
viduals  assigned  to  your  account.You  can’t 
force  a  carrier  to  assign  a  specific  person 
to  you  (particularly  if  that  person  is  no 
longer  working  for  the  carrier).  But  you  can 
and  should  require  the  right  to  approve 
any  proposed  support  staff  and  request 
replacement  of  folks  who  aren’t  up  to  snuff 
after  an  appropriate  trial  period. 

•  Minimize  minimum  annual  revenue 
commitment  (MARC)  constraints.  A  carri¬ 
er’s  endgame  is  to  get  you  to  commit  to  a 
fixed  dollar  amount  each  year.  The  higher 
the  MARC,  the  lower  your  rates  —  and 
that’s  fine,  within  limits.  But  don’t  let  carri¬ 
ers  force  you  to  commit  to“mini-MARCs”: 
spending  X  on  voice,  Y  on  data  and  Z  on 
local  access.  If  you  commit  to  a  MARC  to 
obtain  lower  rates,  you  should  be  free  to 
change  and  modify  services  across  those 
“buckets”  as  you  see  fit. 

Adhering  to  these  and  other  tried-and- 
true  negotiation  tactics  should  help  you 
navigate  the  turbulent  waters  ahead. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Netifice  picks  up  Aventail 
managed  SSL  VPN  unit 


■  BY  DENISE  PAPPALARDO 


Netifice  Communications  announced 
last  week  that  it  is  acquiring  Aventail’s 
Managed  Secure  Sockets  Layer  VPN 
Services  business  unit,  including  all  120 
customers,  33  employees  and  network 
assets. 

Netifice  and  Aventail  are  privately  held 
companies  and  are  not  disclosing  the 
financial  details  of  the  acquisition.  But 
Netifice ’s  CEO  Craig  Young  says  his  com¬ 
pany  is  paying  a  “significant  amount  of 
cash.” 

The  deal  allows  Netifice  to  beef  up  its 
portfolio  of  remote-access  VPN  services 
with  its  first  SSL  offering.The  sale  also  lets 
Aventail  more  squarely  focus  and  expand 
its  SSL  VPN  gear  business. 

“Overall,  it’s  a  good  move  for  both  com¬ 
panies  because  it  allows  each  to  strategi¬ 
cally  strengthen  their  positions  in  their 
respective  markets,”  says  Michael  Suby,  an 
analyst  at  Stratecast  Partners. 

Netfice’s  Young  plans  to  expand  the 
Managed  SSL  VPN  Services  by  offering 
bundled  services  and  striking  additional 
wholesale  deals. 

Competitive  edge 

“The  deal  also  gives  Netifice  a  leg  up  on 
its  two  main  competitors,  GoRemote  and 
MegaPath,”  Suby  says.“Neither  have  made 
any  concerted  push  into  SSL  VPN  services 
to  date.” 

Suby  points  out  that  MegaPath  offers  an 
SSL  VPN  service,  but  says  the  service 
provider  hasn’t  had  much  success  with  it. 
“It  seems  they  wanted  to  concentrate  on 
other  things,”  he  says. 

Although  Aventail  is  walking  away  from 
a  cash-generating  business,  it  needed  to 
refine  its  focus  to  more  effectively  com¬ 
pete  in  the  SSL  VPN  gear  market,  Suby 
says.  On  the  SSL  VPN  equipment  side, 
Aventail  competes  directly  with  Juniper 
and  Array  Networks. 

Aventail  plans  to  use  the  infusion  of 
cash  to  expand  its  equipment  business. 

Netifice  says  it  will  maintain  Aventail’s 
service  center  in  Seattle  and  retain  all  of  its 
employees.  The  deal  also  includes  a  four- 


VPNs 

Subscribe  to  our  free  newsletter. 
DocFinder  5434  www.nwfusion.com 


Managed  SSL 
service  revenues 
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Managed  security  service  revenue 
■  Managed  SSL  VPN  service  revenue 

SOURCE:  FROST  AND  SULLIVAN 


year  agreement  specifying  that  Aventail 
will  supply  its  SSL  gear  to  Netifice. 

“Of  the  120  customers,  most  are  from 
very  large  global  corporations,”  says  Evan 
Kaplan,  president  and  CEO  of  Aventail.“It’s 
a  very  profitable  business  with  about  95% 
market  share.” 

Aventail’s  customers  include  DuPont, 
Deloitte,  Ernst  &  Young,  FMC  and  Mount 
Sinai  NYU  Health. 

About  half  of  the  customers  are  directly 
Aventail  customers. The  others  stem  from 
Aventail’s  healthy  wholesale  business. 
AT&T,  BT  Spain,  IBM  Global  Services, 
Infonet,  MCI  and  Sprint  all  resell  the  com¬ 
pany’s  Managed  SSL  VPN  Services. 

Young  says  Netifice  plans  to  expand  the 
wholesale  business  to  competitive  local 
exchange  carriers  in  the  near  term. 

In  addition  to  its  Aventail  acquisition, 
Netifice  announced  a  $55  million  round  of 
financing,  which  funded  the  acquisition. 
The  funding  comes  from  Netifice’s  current 
investors  Columbia  Capital,  Boston  Millen¬ 
nia  Partners,  Dolphin  Equity  Partners  and 
H1G  Capital,  and  two  new  investors  — 
Fidelity  Ventures  and  Rho  Ventures. 

Young  says  the  service  provider  will  use 
the  remainder  of  its  investment  to  grow  its 
remote-access  VPN  services  and  expand 
its  service  portfolio.  Netifice  plans  to  buy 
or  partner  with  a  VoIP  service  provider  so 
it  can  offer  a  bundled  VPN  and  VoIP  ser¬ 
vice  within  the  next  six  months.  H 
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Inside  every  small  business  there's 
a  website  waiting  to  get  out 


Specializing  »- ... 

in  estate  homes 
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Simmons 


Welcome  to  Brown  Sc 
mmons,  Realtors, 
e  have  been  specializing 
in  estate  homes  for  over 
two  generations. 

From  new  construction 
o  historic  homes, 
we're  here  to  help  you 
and  your  family  find 
the  perfect  home. 


Oursl  ions? 
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In2site  Live  Dialogue  lets  you  communicate  with 
your  site  visitors  live  and  in  real  time,  making  it  an 
invaluable  tool  for  sales,  support  and  consulting 
professionals  alike. 


I  Home  I  Local  Listings  I  Contact  us  1  Newsletter  Sign  up  1 


With  1&1  WebElements,  you  can  generate  valuable 
feedback  and  collect  qualified  leads  by  adding  template- 
driven  contact  forms,  online  polls,  event  registrations 
and  more  to  your  site. 


newsletter,. 


Welcome  to  Monftfr  Update  from  Brawn  t  Simmon*,  Realtor*.  TN*  month,  we  have  tom* 
many  special  proposes  to  show  you  You  can  cal  ms  ottc  a  at  any  lm«  to  Itod  out  more  detafct 
on  those  HstJnps 

4  tedroMn,  3  1/2  haft)  Stuunatf 
Sunt  m  1 987, Ms  single  farm*  noma  is  located 
In  a  charming  nalghtoorhood  and  ste  on  1  acre 
of  land  with  approximate*  4.200  square  festal 
living  space,  the  home  features  a  large  Pack 
from  »v«  kitchen,  large  eat-in  kitchen,  femfer 
mom,  fcrmal  twng  room.  2  ftreplacea, 
hardwood  flows  throughout,  s knights,  soaking 
tut)  in  fee  matter  Bathroom,  and  toads  more) 
This  home  Is  s  must  see* 


Dear  Jim, 


The  1&1  Newsletter  Tool  provides  a  cost-effective 
way  to  build  and  maintain  relationships  with  your 
site  visitors.  Create  your  own  mailing  lists,  manage 
recipients'  addresses,  track  results  and  more. 


It's  easy! 


"I'm  not  a  professional  web  designer,  but 
with  l&l's  included  site-building  tools  I 
was  able  to  create  a  professional-looking 
website  in  a  short  time  and  without  any 
prior  programming  experience.  I  can't 
believe  how  easy  it  was  for  me  to  create 
my  own  high-impact  web  presence!" 

Bruce  Zachary,  Engineer 


It  works! 

"1&1  includes  these  great  marketing 
tools  that  help  me  better  communicate 
with  my  customers.  I  can  see  when 
someone  comes  to  my  site  and  converse 
with  them  right  then  and  there!  I  can 
easily  collect  and  manage  my  customers' 
data,  and  I  can  send  e-mail  newsletters 
announcing  special  offers." 

Kelly  Sloan,  Salon  Owner 


It's  free! 

"When  I  heard  about  l&l's  previous 
test  drive  promotion,  I  decided  to  give 
web  hosting  a  try.  Turned  out,  a  website 
was  exactly  what  my  business  needed. 

I  am  able  to  showcase  my  work  and 
attract  new  customers.  Being  able  to 
test  drive  the  package  convinced  me 
to  stay  with  1&1." 

Arthur  Limes,  Carpenter 


Test  drive  the  1&1  BusinessPro  Package  - 
l&l's  most  popular  hosting  plan  -  including 
all  the  professional  tools  you  need! 

/  6  Month  FREE  Trial! 
y  No  Credit  Card  Required! 
y  No  Strings  Attached! 
y  1  Domain  Name  Included! 


1  &1  began  as  a  small  business  some  years  ago,  so  we 
understand  your  needs.  If  you're  ready  to  move  your 
business  online  but  thought  it  would  be  too  difficult 
or  too  large  of  an  expense,  turn  to  1  &1 .  Our  hosting 
solutions  are  turnkey  so  you  don't  have  to  search  for 
the  features  you  need  -  they're  all  included!  Even  the 
design  takes  just  minutes.  And,  the  business  packages 
starting  at  only  $9.99  per  month  won't  break  your 
budget! 

I  Now  -  for  a  limited  time  -  you  can  get  online  with 
1  &1  with  a  no  obligation,  6-month  test  drive  of 
the  1  &1  BusinessPro  Package  -  1  &Ts  most  popular 
hosting  plan!  Join  the  millions  of  small  businesses  who 
have  already  established  a  successful  online  presence 
with  1  &1 .  Your  free  trial  is  just  a  click  away.  But  hurry, 

:  this  offer  ends  April  24,  2005 ! 
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switching  solution. 


BERVERlRONXL 


r - 

Uptime,  scalability,  performance 
and  security  are  the  watchwords 
for  your  networkThe  Serverlron® 
application  switch  is  designed  for 
this  environment.  Its  advanced 
switch-based  architecture 
features  a  scalable  content 
switching  engine  with  hardware- 
based  DoS  protection  delivering 
the  industry’s  most  powerful 
and  secure  application 


THE  SERVERlRON 
FAMILY  DF  PRODUCTS 

Also  Includes: 


SERVERlRDN  450  AND  BSD 


AFP 
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High  Availability  & 
Reliability 

•  Resilient  switching  and  routing  foundation 

•  Global  load  balancing  for  multi-site 
scalability  and  survivability 

•  Link  aggregation 

•  Rapid  and  stateful  session  failover 

•  RSTP,  VRRP  for  switch  and  router 
redundancy 

•  Redundant  power  supplies 


I  FLEXIBILITY  & 

manageability 

•  In-line,  one-ARM  and  Direct  Server 
Return  modes 

•  Web,  SNMP,  INM  and  Cisco-like  CU 


amm  Thin 


Security 

•  DoS  protection  up  to  4  million 

•  Wire-speed  ACLs 

•  Application  rate  limiting 

•  Secure  device  management 

•  sFlow  traffic  monitoring 


SYN/sec 


Rich  Features 

•  Intelligent  content  switching  using 
URL  HTTP,  XML,  cookies,  SSL 
ID  and  others 

•  IP  NAT 

•  RIPv2,  OSPF  routing 


Superior  Performance 

•  Up  to  1 40,000  L4  connections/sec 

•  Application  throughput  from  2  to  1 2  Gbps 

•  Wire-speed  Layer  2/3  forwarding 

•  Scalable  processor  performance 


SCALABILITY  & 
EXPANDABILITY 


•  Port  expansion  to: 

•  48  Gigabit  Ethernet 

•  48  10/100  Mbps  Ethernet 

•  4  1 0-Gigabit  Ethernet 


/ - - N 


PERFORMANCE  UPGRADE  ABILITY 

V' 

X 

IN-SERVICE  PORT  EXPANDABILITY 

V' 

X 

1D-GE  SUPPORT,  >1D  GPBS  THROUGHPUT 

X 

HIGH-DENSITY  DIRECT  SERVER  FAN-OUT 

V' 

X 

HARDWARE-BASED  CONNECTION 

MANAGEMENT  AND  DOS  PROTECTION 

v' 

X 

WIRE-SPEED  L2/L3  FORWARDING  AND  ACLS 

X 

FOUNDRY 

NETWORKS 

The  Power  of  Performance ™ 


Server  Irons  A  Accelerators 


Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions 
including  Laver  2/3  LAN  switches,  Layer  3  Backbone  switches,  Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 

V _ _ _ _ 


FOR  more  information  please  call:  US/CANADA  1  BBS  TURBOLAN, 
INTERNATIONAL  +1  408.586.  1  700  OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNET.COM/SIE 
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PCI  Express  pumps  up  performance 


PCI  Express 

PCI  Express,  a  flexible  and  efficient  I/O  architecture, 
improves  overall  computer  system  performance. 


HOW  IT  WORKS 


PCI  Express-based  server 
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Host  bridge 
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I/O  devices/HBAs 
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o 

PCI  Express  switch 

Data  packet 
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O  A  PCI  Express  switch  ©  Data  packets  move  via  ©  I/O  adapters/HBAs  ©  The  host  bridge  connects 

chine  data  nanlote  to  the  tha  lanoc  hatuiaan  tha  naraiva  rlata  narlatc  wia  tho  anhanoaH  I  /H  oi/otorr 


appropriate  I/O  device/ 
host  bus  adapter  (HBA) 
via  lanes  or  links. 


the  lanes  between  the 
PCI  Express  switch  and 
the  I/O  device/HBA  at  a 
rate  of  2.5G  bit/sec  in 
each  direction. 


receive  data  packets  via 
the  PCI  Express  interface 
or  lane. 


the  enhanced  I/O  system 
(the  PCI  Express  switch  and 
I/O  card/HBA)  to  the  CPU 
and  the  memoir,  ensuring 
better  overall  computer 
system  performance. 


■  BY  LOVEST  WATSON 

In  the  past  decade,  PCI  has  served  as  the 
dominant  I/O  architecture  for  PCs  and 
servers,  carrying  data  generated  by  micro¬ 
processors,  network  adapters,  graphics 
cards  and  other  subsystems  to  which  it  is 
connected.  However,  as  the  speed  and 
capabilities  of  computing  components 
increase,  PCI’s  bandwidth  limitations  and 
the  inefficiencies  of  its  parallel  architec¬ 
ture  increasingly  have  become  bottle¬ 
necks  to  system  performance. 

PCI  is  a  unidirectional  parallel  bus 
architecture  in  which  multiple  adapters 
must  contend  for  available  bus  band¬ 
width.  Although  performance  of  the  PCI 
interface  has  been  improved  over  the 
years,  problems  with  signal  skew  (when 
bits  of  data  arrive  at  their  destination  too 
late),  signal  routing  and  the  inability  to 
lower  the  voltage  or  increase  the  fre¬ 
quency  strongly  indicate  that  the  archi¬ 
tecture  is  running  out  of  steam.  Ad¬ 
ditional  attempts  to  improve  its  perfor¬ 
mance  would  be  costly  and  impractical. 
In  response,  a  group  of  vendors,  including 
some  of  the  largest  and  most  successful 
system  developers  in  the  industry. 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


unveiled  an  I/O  architecture  dubbed  PCI 
Express  (initially  called  Third  Generation 
I/O,  or  3GIO). 

PCI  Express  is  a  point-to-point  switching 
architecture  that  creates  high-speed,  bi¬ 
directional  links  between  a  CPU  and  sys¬ 
tem  I/O  (the  switch  is  connected  to  the 
CPU  by  a  host  bridge). Each  of  these  links 
can  encompass  one  or  more  “lanes”  com¬ 
prising  four  wires  —  two  for  transmitting 
data  and  two  for  receiving  data.  The 
design  of  these  lanes  enables  the  use  of 
lower  voltages  (resulting  in  lower  power 
usage),  reduces  electromagnetic  emis¬ 
sions,  eliminates  signal  skew,  lowers  costs 
through  simpler  design  and  generally 
improves  performance. 


In  its  initial  implementation,  PCI  Express 
can  yield  transfer  speeds  of  2.5G  bit/sec 
in  each  direction,  on  each  lane.  By  con¬ 
trast,  the  version  of  the  PCI  architecture 
that  is  most  common  today,  PCI-X  1.0, 
offers  1G  bit/sec  in  throughput.  PCI 
Express  cards  are  available  in  four-  or 
eight-lane  configurations  (called  x4  and 
x8).An  x4  PCI  Express  card  can  provide 
as  much  as  20G  bit/sec  in  throughput, 
while  an  x8  PCI  Express  card  can  offer  up 
to  40G  bit/sec  in  throughput. 

Earlier  attempts  to  create  a  new  PCI 
architecture  failed  in  part  because  they 
required  so  many  changes  to  the  system 
and  application  software.  Drivers,  utilities 
and  management  applications  all  would 


have  to  be  rewritten.  PCI  Express  devel¬ 
opers  removed  the  dependency  on  new 
operating  system  support,  letting  PCI- 
compatible  drivers  and  applications  run 
unchanged  on  PCI  Express  hardware. 

A  bus  for  the  future 

Developers  are  working  on  increasing 
the  scalability  of  PCI  Express.  While  cur¬ 
rent  server  and  desktop  systems  support 
PCI  Express  adapters  and  graphics  cards 
with  up  to  eight  lanes  (x8),the  architec¬ 
ture  will  support  as  many  as  32  lanes 
(x32)  in  the  future. 

The  first  Fibre  Channel  host  bus 
adapters  were  designed  to  support  four 
lanes  instead  of  eight  lanes,  in  part 
because  server  developers  had  designed 
their  systems  with  four-lane  slots.  As  even 
more  bandwidth  is  required,  implement¬ 
ing  an  eight-lane  design  potentially  could 
double  the  performance,  provided  there 
were  no  other  bottlenecks  in  the  system. 

This  scalability,  along  with  the  expected 
doubling  of  the  speed  of  each  lane  to  5G 
bit/sec,  should  keep  PCI  Express  a  viable 
solution  for  designers  for  the  foreseeable 
future. 

PCI  Express  is  a  significant  improvement 
over  PCI  and  is  well  on  its  way  to  becom¬ 
ing  the  new  standard  for  PCs,  servers  and 
more.  Not  only  can  it  lower  costs  and 
improve  reliability,  but  it  also  significantly 
can  improve  performance.  Applications 
such  as  music  and  videostreaming,  video 
on  demand,  VoIP  and  data  storage  will 
benefit  from  these  improvements. 

Watson  is  the  product  manager  responsi¬ 
ble  for  PCI  Express  and  blade  products  at 
Emulex.  He  can  be  reached  at  lovest. 
watson  @emulex.  com. 


Dr.  Internet 


By  Steve  Blass 


Should  I  worry  about  cell  phone  viruses? 

It  depends  on  your  phone  and  data.  The  first  media 
reports  of  cell  phone  virus  sightings  came  last 
year,  with  sightings  in  the  U.S.  this  year.  Phones 
that  use  the  Symbian  Series  60  operating  system 
seem  to  be  the  target  of  choice.  This  includes 
phones  from  LG,  Nokia,  Samsung,  Lenovo,  Pana¬ 
sonic,  Siemens  and  a  few  others.  As  of  March  7, 
one  could  download  a  copy  of  the  first  Multimedia 


Messaging  Service  virus,  CommWarrior  (www.nw 
fusion.com,  DocFinder:  6223).  Fortunately,  F-Secure 
spotted  it  the  same  day  (DocFinder:  6224),  as  did 
SimWorks  (DocFinder:  6225).  We  need  to  be 
smarter  about  securing  them  and  personal-area 
networks.  Turn  off  Bluetooth  when  you're  not  using 
it.  Practice  safe  phone  habits.  Watch  your  bills  for 
calls  you  didn’t  make.  Find  out  what  OS  your  phone 
uses  and  how  to  secure  it.  Look  for  anti-virus  soft¬ 
ware  for  your  PC  that  can  screen  what  gets  deliv¬ 


ered  through  a  docking  station.  The  real  dangers 
today  are  viruses  (such  as  CommWarrior)  that 
could  initiate  calls.  Malicious  outbound  dialers  can 
cost  customers  lots  of  money.  Searching  Google 
for  "Symbian  anti-virus"  will  return  several  anti¬ 
virus  options  for  your  phone. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.  internet® 
changeatwork.  com. 
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Teojirology  Update 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Before  we  start  on  this  week’s  topic 
we  have  a  quick  rant  to  get  out  of 
the  way:  How  can  it  be  that  here  in 
2005,  when  the  PC  is  24  years  old  and  the 
human  race  has  been  developing  soft¬ 
ware  for  going  on  60  years,  that  people 
can  forget  about  decent  error  handling 
and  status  reports?  Is  it  too  much  to  ask 
that  when  something  goes  wrong  and  the 
software  tries  to  tell  us  what  happened,  we 
don’t  get  messages  that  make  the  federal 
tax  code  look  like  plain  English? 

For  example,  check  out  a  Gearblog  cri¬ 
tique  of  a  blog  editor  called  Ecto  (www. 
nwfusion.com/weblogs/gearblog/2005/ 
008002.html),  which  is  a  classic  demon¬ 
stration  of  lousy  error  reporting. 

This  is  not  a  new  complaint  from  us,  but 
it  seems  that  software  developers  and/or 
their  management  are  progressively  more 
detached  from  real-world  issues  such  as 
status  and  error  reporting.  And  don’t  get  us 
started  on  the  topic  of  documentation. 
Anyway  this  week,  we  are  interested  in 


Back  that  thang  up! 


the  topic  of  backups.  This  is  because  we 
got  our  hands  on  a  really  cool  appliance- 
style  device  that  performs  this  service 
very  cost-effectively  and  is  suitable  for 
workgroups,  branch  offices  and  small 
organizations.  The  device  is  the  IntraDyn 
RocketVault. 

RocketVault 

RocketVault  is  available  in  three  form  fac¬ 
tors:  A  small  box  (8  inches  by  7.5  inches  by 
1 1  inches)  or  as  standard  1U  or  2U  19-inch 
rack-mount  boxes  —  the  size  depends  on 
the  storage  capacity  which  ranges  from 
240M  bytes  to  2T  bytes. 

Let’s  cut  to  the  chase:  How  does  the 
RocketVault  work?  Simple. You  tell  it  which 
SMB/CIFS  resources  you  want  it  to  copy 
what  kind  of  copy  to  make  and  when  the 
copy  should  be  done  —  that’s  all  there  is  to 
it.That,and  a  few  million  details. 

So  let’s  review  some  of  the  details:  First, 
what  is  SMB?  We’re  sure  you  all  actually 
know  but  for  those  who  might  have  for¬ 
gotten  the  details  or  aren’t  really  Windows 
peeps,  SMB  stands  for  Server  Message 
Block.  This  is  a  really  terrible  name  for  a 
client/server,  mainly  request-response  pro¬ 
tocol  designed  for  sharing  files,  printers, 
serial  ports,  named  pipes  and  mail  slots 
on  networks. 


According  to  “SMB  File  Sharing  UR1 
Scheme”  (an  IETF  Internet  Draft, see  www. 
nwfusion.com,  DocFinder:  6250),  Server 
Message  Block  protocol  “was  created  in 
the  1980s  by  Barry  Feigenbaum  at  IBM.  It 
was  later  extended  by  various  contribu¬ 
tors  at  3Com,  IBM,  Intel  and  Microsoft.” 
Bluntly  put,  SMB  has  grown  long  whiskers 
and  has  bad  breath,  but  it  works  reason¬ 
ably  well  and  is  now  cross-platform. 

SMB  clients  can  connect  to  servers 
using  NetBIOS  over  TCP/IP  (RFC  1001  and 
RFC1002,  which  are  called  —  depending 
on  which  way  the  wind  is  blowing  —  NBT 
or  NetBT  by  Microsoft,  or  RFCNB  by  oth¬ 
ers),  NetBIOS  over  DECnet  (a  trip  down 
memory  lane  there  for  those  who  used 
Pathworks),  NetBEUI  (NBF  in  Microsoft- 
speak),  or  IPX/SPX  (ah,  those  were  the 
days)  .There’s  also  SMB  directly  carried  by 
TCP/IE  otherwise  called  SMB  over  “native 
TCP”  or  “naked  transport.” 

For  a  riveting  explanation  of  all  the 
vagaries  of  SMB  and  how  the  protocol 
works  check  out  Samba.org’s  “What  is 
SMB?”  page  (DocFinder:  6251). 

In  case  you’ve  been  living  in  a  cave  and_ 
not  interacting  with  other  human  beings 
—  for  example,  if  you  work  for  the  FCC  — 
then  we  should  explain  what  Samba  is: 
It’s  “an  open  source/free  software  suite 
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that  provides  seamless  file  and  print  ser¬ 
vices  to  SMB/CIFS  clients.  Samba  is  freely 
available  under  the  GNU  General  Public 
License.” 

CIFS  defined 

But  we  wrote  SMB/CIFS  didn’t  we?  CIFS 
is  another  Microsoft-originated  protocol. 
CIFS  is  really  SMB  updated,  which  came 
about  because  Microsoft  implemented 
SMB  in  a  manner  that  might  be  described 
as  haphazard, so  a  fix  was  needed. 

According  to  the  Samba  “meta  FAQ” 
(DocFinder:  6252): “The  initial  pressure  for 
Microsoft  to  document  their  current  SMB 
implementation  came  from  the  Samba 
team,  who  kept  coming  across  things  on 
the  wire  that  Microsoft  either  didn’t  know 
about  or  hadn’t  documented  anywhere 
(even  in  the  source  code  to  Windows  NT). 
Then  Sun  came  out  with  their  WebNFS  ini¬ 
tiative,  designed  to  replace  FTP  for  file 
transfers  on  the  Internet. . .  .Some  hasty  revi¬ 
sions  were  made  and  an  Internet  Draft  for 
the  Common  Internet  Filesystem  was 
released.” 

We’re  out  of  space.  More  next  week.  You 
know  the  protocol:  gearhead@gibbs.com. 
And  don’t  forget  Gearblog  (www.nwfu 
sion.  com /weblogs  /gearblog). 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Sharp  launches  second  3-D  Actius  notebook 

Sharp  Systems  of  America  last  week  announced  its  new 
3-D  LCD  notebook,  the  Actius  AL3D  (the  successor  to 
Sharp’s  RD3D  notebook).  The  notebook  is  available  for 
about  $3,500,  Sharp 
says. 

It  features  perfor¬ 
mance  upgrades  such 
as  the  new  Intel 
Pentium  M  Processor 
750  (1.86  GHz),  a  new 
NVIDIA  GeForce  Go 
6600  graphics  proces¬ 
sor  (with  128M  bytes  of 
video  RAM),  and  1G 
byte  of  DDR2  (double 
data  rate)  synchronous 
dynamic  RAM.Target  mar¬ 
kets  include  professionals 
familiar  with  3-D  visual¬ 
ization  and  computer 
modeling,  such  as  med¬ 
ical  research,  pharma¬ 
ceuticals,  education,  oil 
and  gas,  and  manufacturing. 

The  TFT  3D  LCT  technology  used  in  the  unit  offers  a 
realistic  sense  of  depth  and  presence,  Sharp  says.The  3-D 


The  Actius  AL3D  lets  users  view  3-D  images  without  having 
to  wear  special  glasses. 


effect  is  achieved  by  using  a  parallax  barrier  technique, 
which  lets  viewers  see  3-D  images  without  having  to  wear 
special  glasses.  The  notebook  also  has  a  button  that  lets 
users  toggle  between  2-D  and  3-D  displays. 

The  consumer  market  also  is  a  target.  NVIDIA  technol¬ 
ogy  lets  more  than  1,000  games  take  advantage  of  3-D 
viewing  on  the  displays.  The  AL3D  also  will  ship  with 
DDD  Group’s  TriDef  DVD  player,  which  does  “on-the-fly 
3-D  conversion  of  any  DVD  movie,”  Sharp  says. 

The  AL3D  includes  a  15-inch  XGA  (l,024-by-768-pixel) 
display  panel,  a  multi-DVD  reader/writer  and  CD-RW  opti¬ 
cal  drive,  built-in  stereo  speakers  with  5.1  channel  virtual 
surround  sound  support,  IEEE  1394  port,  three  USB  2.0 
ports,  Gigabit  Ethernet  port,  56K  bit/sec  modem  port  and 
VGA  out  port.  In  addition  to  the  TriDef  DVD  player,  bun¬ 
dled  software  includes  Sharp’s  Smart  Stereo  Photo 
Editor/Slide  Show,  which  lets  users  create  3-D 
images  from  digital  photographs,  and  an  eval¬ 
uation  of  the  Amira  visualization  package 
from  Mercury  Computer  Systems,  which  cre¬ 
ates  3-D  models  for  medicine,  biology  physics 
and  engineering. 

More  details  on  the  notebook  and 
the  technology  are  available  at  www. 
sharp3D.com. 

Phoenix  Audio  debuts  speakerphone  for 
VoIP  apps 

.  —  Phoenix  Audio  Technologies 

last  week  launched  a  USB 
device  that  provides 
speakerphone  func¬ 
tionality  to  desktop 
or  notebook  VoIP 
users.  The  Duet 


Phoenix  Audio's  Duet  USB  Speakerphone  can  con¬ 
ference  in  VoIP  and  standard  callers  together. 


Take  a  router  on  the 
road  with  the  Linksys 
Compact  Wireless  G 
Broadband  Router, 


USB  Speakerphone  can  con¬ 
nect  to  a  notebook  or  to  a  com¬ 
puter  and  a  telephone  for  con¬ 
ferencing  VoIP  callers  and  stan¬ 
dard  callers,  Phoenix  says. 

The  Duet  device  will  cost 
about  $300  and  is  scheduled 
to  ship  in  April.  Go  to  the 
Phoenix  Audio  Web  site  (www. 
phnxaudio.com)  for  ordering 
information. 


Linksys  launches  compact 
wireless  router 

Linksys  last  week  took  the  lid 
off  its  Compact  Wireless-G 
Broadband  Router  (WRT54GC),a 
device  that  combines  an 
802.1  lb/g  wireless  access  point, 

4-port  10/100  switch  and  a  router  that  lets  users  securely 
share  a  network  with  a  high-speed  broadband  Internet 
connection.  The  device  is  available  through  retailers  for 
about  $80,  Linksys  says. 

The  compact  size  is  designed  for  users  who  have  lim¬ 
ited  space  or  want  to  take  the  device  on  the  road  to  use 
in  hotel  rooms  with  broadband  Internet  capabilities. 

The  WRT54GC  supports  Wi-Fi  Protected  Access  (WPA 
and  WPA2  Personal),  wireless  media  access  control 
address  filtering  and  VPN  pass-through,  and  includes  a 
stateful  packet  inspection  firewall.  While  it  comes 
with  a  built-in  antenna,  the  device  also  has 
an  optional  high-gain  antenna  (the 
HGA7S)  that  lets  users  increase 
the  wireless  range. 

Shaw  can  be  reached  at 
Hr  kshaw@nww.com. 
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You  need  to  print  now. 
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(Isn't  it  time  for  a  printer  that's  ready  when  you  are?) 
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HP  LaserJet  1320n  printer 

•  Print  speed:  up  to  22  ppm  black 

•  Resolution:  1200  x  1200  dpi 

•  RAM:  16MB  std„  144MB  max. 

•  Network-ready 

•  Paper  handling:  250-sheet  input  capacity 

•  Duty  cycle:  10,000  pages  per  month 

•  1-year  limited  warranty 


HP  Color  LaserJet  3500n  printer 

•  Print  speed:  up  to  12  ppm  black  and  color 

•  Resolution:  HP  ImageREt  2400 

•  RAM:  64MB 

•  Network-ready 

•  Paper  handling:  350-sheet  input  capacity 

•  Duty  cycle:  45,000  pages  per  month 
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HP  LaserJet  4345x  mfp 

•  Print  and  copy  speed:  up  to  45  ppm 

•  Resolution:  up  to  1200  x  1200  with  HP  FastRes 

•  RAM:  256MB  std.,  512MB  max. 

•  Paper  handling:  1 1 00-sheet  input  capacity 

•  Scanner  and  digital  sender  resolution:  600  x  600  dpi 


Thanks  to  Instant-on  Technology,  these  HP  LaserJet  printers  can  finish  printing  an  average  job  before  most  other 
printers  even  warm  up;  So  you  get  your  document  up  to  three  times  faster.  And  that's  just  one  of  the  ways  HP  saves 
you  now  and  for  years  to  come.  Get  the  quick  printing  you  need.  Get  an  HP  printer  from  CDW. 


■  Automatic  duplexing 

■  Analog  fax 
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The  Right  Technology.  Right  Away. 

CDW.com  •  800.780.4CDW 
In  Canada,  call  800.387.2173  *  CDW.ca- 

; 


* 


'Call  your  CDW  account  manager  for  S50  mail-in  manufacturer  rebate;  offer  ends  4/30/05.  'Call  your  CDW  account  manager  for  SI  20  mail-in  manufacturer  rebate;  offer  ends  4/30/05.  ’$590  trade-in  based  on  1/28/05  estimated  trade-in  value  of  HP  LaserJet  41  OOmfp  in  good  working  condition;  visit  CDW.com/hptradein  or  contact 
a  CDW  account  manager  for  details.  *An  average  print  job  is  3-5  pages  with  5%  coverage.  Not  all  HP  LaserJet  printers  have  Instant-on  Technology.  Offer  subject  to  CDW's  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©  2005  CDW  Corporation 
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ON  TECHNOLOGY 

John  Dix 

Storage 
security  firm 
times  it  right 


Bank  of  America  recently  confirmed  it  lost  back-up 
data  tapes  that  contained  information  about  a  fed¬ 
eral  government  credit  card  program  while  they 
were  en  route  to  a  disaster-recovery  site.  And  last  summer 
an  AOL  employee  stole  92  million  e-mail  addresses  and 
sold  them  to  a  spammer. 

These  and  other  recent  events  are  pointing  up  the  need 
for  another  layer  of  security:  storage  encryption.  So  we 
decided  to  check  in  with  Decru,a  company  targeting  this 
vulnerability  that  we  first  ran  into  at  the  Storage  Network¬ 
ing  World  Conference  in  2002. 

Decru  sells  a  security  appliance  called  the  DataFort, 
which  essentially  sits  in  front  of  storage  devices  —  direct- 
access,  networked-attached,  or  tape  —  and  encrypts  every¬ 
thing  at  wirespeed  as  it  is  being  written. 

Business  is  booming,  says  Dan  Avida,  president  and  CEO. 
The  company  is  private  and  doesn’t  release  financials,  but 
Avida  says  sales  are  growing  70%  quarter  over  quarter  and 
his  customer  base  is  approaching  100. 

Decru  has  had  early  success  with  government  accounts 
and  now  is  seeing  a  lot  of  activity  in  financial  services, 
healthcare  and  high  tech.The  company  just  signed  a  deal 
with  Boeing  Credit  Union,  which  will  use  the  DataFort  to 
encrypt  all  back-up  tapes  sent  off-site,  Avida  says. 

Vice  President  of  Marketing  Kevin  Brown  says  last  year 
sales  cycles  were  six  months  and  customers  were  buying 
two  to  four  units  to  pilot  with  a  given  application.Today 
early  customers  are  back  for  dozens  more  units,  and  sales 
cycles  are  often  as  short  as  three  weeks. 

DataForts  are  being  used  to  protect  everything  from 
credit  card  data  to  healthcare  information,  corporate 
earnings  and  salary  data.  Software  developers  and 
Hollywood  studios  have  installed  them  to  safeguard  their 
crown  jewels  —  their  intellectual  property,  Avida  says. 

Brown  says  that  storage  networks  mean  ever  larger  popu¬ 
lations  have  access  to  stored  records,  and  many  compa¬ 
nies  still  underestimate  who  has  access  to  data.“What 
about  the  guy  called  in  to  service  a  disk  drive?  It  might 
simply  be  a  circuit  board  fix  and  suddenly  he  has  access 
to  all  that  data.” 

Decru  recently  unveiled  client  software  that  gives  cus¬ 
tomers  even  finer-grain  control  over  who  can  access  what. 
With  the  software  option,  applications  are  crypto-signed  so 
customers  can  specify  for  example,  that  only  user  seven  of 
Oracle  lOg  is  allowed  to  access  credit  card  data  in  LUN  12 
and  oniy  between  9  a.m.and  2  p.m.,  Brown  says. 

While  that  might  be  an  extreme  example,  recent  events 
show  a  growing  need  to  at  least  encrypt  critical  stored 
data. 


www.nwfusion.com 


opinions 


PCs  and  the  environment 

Regarding  Mark  Gibbs’  BackSpin  column  about  dis¬ 
posing  unwanted  PCs  (“More  selfishness,” 
www.nwfusion.com,  DocFinder:  6222):  One  alter¬ 
native  Gibbs  didn’t  mention  is  donating  the  PCs  to 
organizations  such  as  Computers  Assisting  People 
(CAP). 

For  almost  10  years,  CAP’s  technically  skilled  vol¬ 
unteers  have  accumulated  systems,  wiped  the  dri¬ 
ves,  loaded  legal  software  and  given  away  thou¬ 
sands  of  PCs  to  more  than  200  nonprofits  in  the 
Cleveland  and  northeast  Ohio  area. 

We  have  seen  the  quality  of  lives  improved  as  a 
senior  or  other  shut-in  has  the  world  opened  up  to 
them  via  the  Internet.  Or  a  mentally  disabled  per¬ 
son  spends  many  happy  hours  in  front  of  the  PC.  Or 
an  inner-city  resident  gets  a  job  after  acquiring 
some  PC  skills.  Or  a  recently  released  prisoner 
learns  some  useful  skills.  Or  a  teen  having  a  safe 
place  to  hang  out  and  mess  with  computers.  Some 
have  even  received  college  scholarships. 

We  find  that  any  PC  that  can  run  Windows  98SE 
is  still  valuable.  Recipients  can  play  games,  browse 
the  Web,  do  e-mail,  run  Office-like  applications 
and  so  on. 

We  accept  Pentium  PCs,  although  we  strive  for 
Pentium  II  PCs  and  higher  for  the  labs  we  set  up  in 
schools  and  community  centers.  We  would  love  to 
get  on  the  schedule  for  companies  that  regularly 
upgrade  every  few  months  or  years. 

There  are  nonprofit  programs  similar  to  CAP  in 
other  cities  and  states.  You  can  learn  more  about 
CAP  at  www.capinc.org. 

Dan  Hanson 
Director 

Computers  Assisting  Pfeople 
Cleveland 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Thin  clients  can  help  reduce  some  of  the  outflow 
of  “obsolete”  computers.  Rather  than  simply  dump¬ 
ing  or  recycling  old  PCs,  they  can  get  a  new  life  as 
a  thin  client. 

For  everyone  willing  to  work  with  Linux  applica¬ 
tions,  the  Linux  Terminal  Server  Project  (www. 
ltsp.org)  is  a  great  way  to  use  old  Pentiums  with 
only  32M  bytes  of  memory  as  thin  clients.  It’s  true 
you  need  a  server  and  some  networking  to  drive 
the  thin  client  PCs,  but  a  decent  PC  is  enough  to 
run  several  PC  thin  clients  —  and  small  lOOM-byte 
switches  are  inexpensive. 

For  those  who  prefer  Windows,  Windows  terminal 
services  (WTS)  work  well.  I’ve  used  both  LTSP  and 
WTS  in  a  business  environment  for  more  than  a 
year  —  administration  and  support  have  been  easy 
and  we’ve  had  the  benefit  of  using  computers  that 
we  would  have  been  hard  pressed  to  give  away  For 
many  organizations,  the  ready  availability  of  donat¬ 
ed  PCs,  free  Linux  software  and  some  inexpensive 
networking  means  they  can  avoid  buying  much  (if 
any)  new  equipment. 

Unfbrtunately  it’s  hard  to  get  people  to  try  these 
approaches.  Years  of  “needing”  new  PCs  every  18 
months  have  conditioned  everyone  to  think  that  is 
the  only  option.  Along  the  way  a  burdensome  and 
expensive  infrastructure  for  managing  updates 
and  anti-spy/virus  support  across  multiple  PCs 
evolved  and  is  now  seen  as  normal.  It  doesn’t  have 
to  be  this  way  —  but  convincing  decision  makers 
who  are  afraid  they  will  somehow  be  missing 
something  if  they  “settle”  for  a  thin  client  is  an 
uphill  battle.  I’ve  had  the  opportunity  to  demon¬ 
strate  LTSP  to  many  people  —  all  of  whom  are 
astonished  at  the  power  they  get  without  having  to 
buy  new  PCs. 

1  realize  thin  clients  aren’t  the  answer  for  a  lot  of 
the  e-waste  we  generate,  but  they  can  be  part  of 
the  solution. 

Tim  Frichtel 
Los  Angeles 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Bernie  Ebber  s  ’ Hands  On  Management 


39 


www.nwfusion.com 


3/14/05 


NetworkWorld 


NETWORK  ECONOMICS 

Michel  Kabay 


Tying  the  invisible  hand 


When  Scottish  economist  Adam  Smith  wrote  of  the  “invisible 
hand”  in  An  Inquiry  into  the  Nature  and  Causes  of  the  Wealth  of 
Nations ,  he  argued  for  governmental  non-interference  in  busi¬ 
ness  affairs.  The  enlightened  self-interest  of  the  individuals  producing 
and  selecting  goods  and  services, Smith  contended, would  lead  toward 
the  general  good. 

Optimizing  economic  activity  depends  on  the  free  flow  of  accurate 
information.  Bad  information,  such  as  false  claims  of  durability  for  a 
cheap  knock-off  of  a  higher-quality  product,  distorts  economic  choices. 

Government  serves  commerce  through  the  rule  of  law.  For  example, 
civil  law  helps  to  enforce  contracts  and  discourage  abuse.  The  law  of 
torts  includes  provisions  for  intentional  harm  and  harm  caused  by  neg¬ 
ligence.  Knowing  there  could  be  damages  awarded  for  failing  to  exer¬ 
cise  due  care  in  doing  business  strengthens  the  invisible  hand. 

But  what  of  cases  in  which  malfeasance  harms  many  but  the  individ¬ 
ual  damages  are  small?  For  example,  last  month  eBay  was  accused  in 
California  Superior  Court  Santa  Clara  of  having  used  shill  bidding 
(fraudulent  raising  of  bids)  against  its  own  customers  to  drive  up  prices 
and  increase  its  own  fees.  No  one  customer  likely  would  have  been 
harmed  enough  to  warrant  an  individual  lawsuit. 

Class-action  lawsuits  serve  the  public  interest  by  aggregating  the 
harm  done  to  many  victims  so  that  abusers  can  be  penalized  suffi¬ 
ciently  to  discourage  similarly  harmful  actions  in  the  future.  Class- 
action  suits  serve  the  long-term  interests  of  the  entire  economy  by 
increasing  the  cost  of  doing  bad  business. 

Recent  class  actions  against  software  vendors  and  service  providers 
illustrate  the  importance  of  these  issues  to  network  and  systems  admin¬ 


istrators  and  users: 

•  Apple  was  sued  last  month  for  allegedly  harming  resellers  and  con¬ 
sumers  in  a  variety  of  ways,  including  stealing  client  lists  and  misrep¬ 
resenting  used  equipment  as  new  products. 

•  Fujitsu  was  sued  for  selling  defective  hard  drives  and  settled  a  class- 
action  lawsuit  in  March  2004. 

•  Microsoft  was  subject  to  a  barrage  of  anti-trust  lawsuits  claiming 
abuse  of  its  effective  monopoly  on  PC  operating  systems. 

•  PayPal  was  accused  of  improperly  handling  suspected  fraud 
involving  its  customers. 

•  Verizon  is  accused  of  harming  users  through  its  radical  spam¬ 
blocking  policies. 

Last  month,  President  Bush  signed  the  Class  Action  Fairness  Act  of 
2005.The  Act  moves  any  class-action  lawsuit  with  more  than  $5  million 
in  potential  damages  out  of  state  court  if  less  than  one-third  of  the 
plaintiffs  in  the  action  are  from  the  same  state  as  the  defendant. 
Unfortunately  for  the  invisible  hand,  there  are  only  678  federal  judges 
who  potentially  will  be  hearing  these  cases,  instead  of  the  9,200  state 
judges  who  could  have  done  so.  As  a  result,  the  prospects  for  speedy 
hearings  are  now  poor. 

I  hope  Network  World  readers  will  pay  close  attention  to  what  hap¬ 
pens  to  consumer  power  as  this  supposed  reform  begins  to  shackle  the 
invisible  hand. 

Kabay  is  associate  professor  of  information  assurance  in  the 
Division  of  Business  and  Management  at  Norwich  University  in 
Northfield,  Vt.  He  can  be  reached  at  mkabay@norwich.edu. 
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CACHE  ADVANCE 

Linda  Musthaler 

There  is  a  line  in  the  famous  Hippocratic 
oath  that  states, “I  will  follow  that  system 
of  regimen  which,  according  to  my  abil¬ 
ity  and  judgment, I  consider  for  the  benefit  of 
my  patients,  and  abstain  from  whatever  is 
deleterious  and  mischievous.”  Modern  doc¬ 
tors  have  updated  the  phrase  to, “The  health 
of  my  patient  will  be  my  first  consideration.”  Facing  life-and-death 
decisions  every  day,  doctors  take  this  pledge  very  seriously 
IT  professionals  rarely  face  life-and-death  situations  with  the  people 
in  their  care  —  those  we  call  “users”  —  but  perhaps  it’s  time  that  IT 
departments  adopt  a  credo  to  state  the  seriousness  of  their  work.  I’d  like 
to  propose  the  following  as  the  IT  oath:“I  will  do  my  best  to  provide  the 
means  for  my  clients  to  perform  their  jobs  effectively  and  efficiently 
and  I  will  not  intentionally  impede  their  progress." 

Such  an  oath  is  necessary  to  restore  confidence  in  IT  organizations. 
Especially  important  is  the  part  about  not  impeding  progress.  Whether 
deserved  or  not,  IT  departments  have  a  reputation  for  being  adversarial 
with  users.  Here’s  a  story  that  illustrates  this  point. 

The  IT  department  of  a  Fortune  500  company  recently  determined 
the  many  remote  users  accessing  its  network  posed  a  security  threat. 
The  group  decided  to  implement  a  new  system  based  upon  active 
cards  and  more  secure  remote-access  software.  Tens  of  thousands  of 
home-based  or  traveling  employees  were  notified  via  e-mail  of  the  im¬ 
pending  switch  to  the  new  system  and  were  given  a  deadline  to  proac¬ 
tively  migrate  themselves.  This  meant  workers  had  to  request,  receive 
and  configure  the  active  card  and  software  on  their  own. 

The  12-step  migration  process  was  no  simple  feat,  especially  for  work¬ 
ers  who  were  not  IT  savvy  or  had  a  non-standard  configuration.  When 
deadline  day  for  the  first  wave  of  users  arrived,  more  than  1 ,500  employ¬ 
ees  had  not  yet  completed  the  migration.  When  these  workers  attempt¬ 
ed  to  log  on  to  their  network  that  day,  they  learned  that  their  access  was 
shut  off  because  of  non-compliance  with  the  new  system. 


The  IT  oath:  First  do 


Can  you  imagine  how  the  lights  on  the  help  desk  phones  lit  up?  With¬ 
out  warning,  1 ,500  people  couldn’t  do  their  jobs  because  the  IT  depart¬ 
ment  made  an  arbitrary  decision  to  cut  them  off  rather  than  help  them 
through  the  migration. One  worker  told  me  she  was  locked  out  for  three 
days  while  she  struggled  with  the  installation,  which  was  made  all  the 
more  frustrating  by  long  waits  to  talk  to  help  desk  personnel. 

In  another  case,  a  company  outsourced  its  e-mail  system.  Employees 
were  informed  the  switch  would  take  place  over  a  weekend,  and  that 
their  e-mail  addresses  would  remain  the  same  and  no  incoming  mes¬ 
sages  would  be  lost.What  they  weren’t  told  is  that  no  old  folders  or  cal¬ 
endars  would  be  migrated  to  the  new  system.  When  workers  arrived 
Monday  morning  and  logged  on  to  the  new  e-mail  system,  their  calen¬ 
dars  were  blank,  contact  databases  empty  and  old  folders  and  mes¬ 
sages  inaccessible.  The  IT  department  had  decided  to  archive  the  old 
information  and  retrieve  it  only  if  users  made  a  request. 

I  don’t  know  about  you,  but  my  work  life  pretty  much  revolves  around 
my  e-mail.  I  don’t  do  anything  unless  it’s  in  my  calendar,  and  I  don’t 
know  how  to  find  anyone  who’s  not  in  my  online  contacts  list.  Can  you 
imagine  discovering  that  those  things  are  completely  inaccessible 
when  you  show  up  for  work  one  day? 

IT  professionals  must  make  sure  their  business  colleagues  have  what 
they  need  to  do  their  jobs.  It  might  be  access  to  e-mail,  business  appli¬ 
cations,  instant  messaging, Web  sites  or  any  number  of  other  computer- 
based  resources.  Any  interruption  or  change  to  these  services  has  to  be 
considered  not  only  for  technical  merit  but  also  for  how  it  affects  the 
user  community  Workers  cannot  be  left  hanging. 

So  raise  your  right  hand  and  repeat  after  me:“I  will  do  my  best  to  pro¬ 
vide  the  means  for  my  clients  to  perform  their  jobs  effectively  and  effi¬ 
ciently  and  I  will  not  intentionally  impede  their  progress.”  It’s  an  oath  we 
should  all  live  by 

Musthaler  is  vice  president  of  Currid  &  Company,  a  Houston  technology 
assessment  firm.  She  can  be  reached  at  linda@currid.com. 
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Cisco’s  purchase  of 
Airespace  could  boost 
the  enterprise  wireless 
LAN  market,  which  has 
been  struggling  some¬ 
what.  Despite  all  the 
hype  about  WLAN 
switches,  worldwide 
sales  were  less  than 
$250  million  in  2004, 
according  to  Synergy 
Research.  And  most  of 
that  was  in  specific 
verticals  such  as 
healthcare,  retail, 
manufacturing  and 
education. 

A  combination  Cisco/ 
Airespace  offering  could 
open  up  WLANs  to  a 
broader  audience. 

jnside  8021t 

The  802.11  i  standard  is  being 
touted  as  the  last  word  on 
wireless  security.  But  how 
tricky  is  it  to  deploy  802.11  i, 
and  is  it  worth  the  trouble? 
Pagg42. 

When  Wi-Fi 
meets  cellular: 

There's  another  type  of  con¬ 
vergence  happening.  It's  not 
data/voice  convergence,  it's 
Wi-Fi/cellular  convergence. 
It  means  you  could  move 
from  corporate  LAN  to  hot 
spot  to  airport  without  los¬ 
ing  your  connection.  And  it's 
not  that  far  away.  Page  46. 


■  BY  JIM  GEIER 

Cisco’s  recent  purchase  of  Airespace 
could  kick-start  the  wireless  LAN  mar¬ 
ket,  creating  new  options  for  enter¬ 
prise  customers,  particularly  Cisco  ^ 
shops  that  were  reluctant  to  pay  a  pre¬ 
mium  for  Cisco  gear,  but  which  were 
also  skittish  about  going  with  a  WLAN 
switch  start-up. 

Cisco  initially  will  offer  Airespace  WLAN  switches  and 
thin  access  points  under  the  Cisco  name  alongside 
Cisco’s  Aironet  fat  access  points,  which  are  part  of  its 
Structured  Wireless-Aware  Network  (SWAN)  product  line. 

The  Airespace  WLAN  switch  offers  superb  security  and  management  features  at 
a  much  lower  total  cost  of  ownership  than  an  Aironet  rollout.  As  a  result,  it’s  likely 
that  many  customers  that  shied  away  from  Cisco’s  higher-priced  offerings  will 
move  fonvard  with  the  Cisco-Airespace  product. 

Cisco  plans  to  integrate  Airespace  switches  with  SWAN,  but  there  is  no  clear  defin¬ 
ition  of  how  Cisco  will  make  this  integration  work.  It’s  likely  Cisco  will  interface 
Aironet  access  points  to  Airespace  WLAN  switches.This  will  let  Cisco  customers 
with  Aironet  access  points  migrate  to  a  wireless  switched  network. 

Cisco’s  purchase  of  Airespace  is  seen  as  validation  of  the  thin  access  point 
approach  to  WLANs,  an  approach  taken  by  the  start-ups  such  as  Trapeze 
Networks,  Aruba  Wireless  Networks  and  Airespace.  Cisco  followed  the  more 
traditional  approach  of  deploying  fat  access  points  and  connecting  to  current 
Ethernet  switches.  In  Cisco’s  case,  the  company  created  a  WLAN  blade  for  the 
Catalyst  6500  switch. 

A  switch  in  time 

Cisco’s  move  also  reflects  an  acknowledgement  that  the  future  belongs  to 
the  Airespace  model.  According  to  Infonetics,  Cisco  is  No.  1  in  WLAN  revenue, 
with  1 7%  market  share,  followed  by  Linksys  (owned  by  Cisco),  D-Link  Systems 
and  Netgear.  But  Infonetics  reports  that  fierce  price  pressure  is  severely 
impacting  revenue  —  in  2004  worldwide  units  sold  increased  51%  but  revenue 
only  increased  15%. 

Synergy  Research  predicts  that  worldwide  revenue  from  traditional  access  points 
will  drop  2%  in  2005,35%  in  2006  and  11%  in  2007.  On  the  other  hand,  sales  of  WLAN 
switches  will  grow  150%  in  2005,53%  in  2006  and  59%  in  2007,  according  to  Synergy. 

In  the  fat  access  point  scenario,  access  points  such  as  Cisco’s  Aironet  provide 
radio-based  connections  in  addition  to  security,  management  and  performance 
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enhancements.The  advantage  is  that  you  easily  can  make 
use  of  your  Ethernet  infrastructure,  but  the  downsides  are 
that  the  access  points  are  relatively  expensive  and  diffi¬ 
cult  to  manage. 

With  the  thin  access  point  model,  wireless  switches  pro¬ 
vide  those  security,  performance  and  management  fea¬ 
tures.  The  thin  access  points  then  can  concentrate  on 
what  they’re  intended  for  —  reliable,  high-performance 
radio  technology. 

WLAN  switches  offer  benefits 

Beyond  the  cost  savings,  there  are  a  number  of  technical 
reasons,  including  security,  performance  and  ease  of  man¬ 
agement,  which  make  WLAN  switching  the  way  to  go. 

Security  is  a  major  concern  for  IT  executives  deploying 
WLANs.  Unfortunately  WLAN  standards  cover  encryption 
between  user  and  access  points,  but  not  authentication, 
intrusion  detection  and  rogue  access  point  control. 

For  example,  a  hacker  could  try  to  compromise  security 
by  attaching  a  rogue  access  point  to  the  wired  network. 
Unless  the  company  implements  careful  Ethernet  switch 
port  control,  the  rogue  access  point  could  gain  access  to 
the  corporate  network  wirelessly  from  a  nearby  car. 

Likewise,  an  employee  might  purchase  an  access  point 
from  an  office  supply  store  and  connect  it  to  the  corpo¬ 
rate  network  without  setting  acceptable  security  controls, 
which  inadvertently  leaves  an  opening  for  a  mischievous 
person  to  exploit. 

However,  a  wireless  switch  authenticates  and  configures 
each  access  point  based  on  the  company’s  security  poli¬ 
cies.  An  employee  or  hacker  might  plug  the  access  point 
into  the  network,  but  the  wireless  switch  will  disable  the 
connection  if  the  access  point  is  not  able  to  authenticate 
or  configure  correctly 

Additionally  a  wireless  switch  ensures  that  all  authorized 


access  points  comply  with  security  policies.  Access  points 
can  be  configured  to  only  allow  policy  changes  from  the 
wireless  switch,  which  precludes  a  hacker  from  plugging  a 
laptop  into  the  access  point  via  a  console  cable  and 
change  configurations  that  make  the  network  unsecure. 

The  wireless  switch  can  be  kept  inside  a  locked  room 
and  out  of  hackers’  reach.  If  a  hacker  attempts  to  discon¬ 
nect  a  legitimate  access  point  and  plug  in  a  rogue,  the 
switch  will  notice  what’s  going  on  and  physically  disable 
the  rogue’s  access  to  the  corporate  network. 

Higher  performance 

A  fairly  common  issue  with  WLANs  is  that  coverage 
holes  —  areas  with  low  signal  strength  —  often  exist.This 
occurs  because  of  poor  placement  of  access  points  and 
the  dynamics  of  the  environment.  After  the  initial  installa¬ 
tion  of  access  points,  for  example,  a  company  might  add 
walls  to  create  new  offices  or  move  large  machinery  This 
affects  the  propagation  of  radio  waves,  which  leads  to 
lower  and  sometimes  inadequate  signal  strength  in  parts 
of  the  building. 

Some  applications,  such  as  e-mail  and  Web  browsing, 
hold  up  pretty  well  as  users  roam  through  coverage  holes. 
At  least  a  user  can  read  e-mails  or  view  Web  pages  in 
cache  on  the  mobile  device  while  on  route  to  a  covered 
area. 

However,  a  warehouse  inventory  management  applica¬ 
tion  commonly  requires  a  constant  connection  between 
the  terminal  (mobile  device)  and  the  host  (application 
server).  If  the  wireless  connection  is  temporarily  lost,  the 
user  usually  must  log  back  on  to  the  system.  Sometimes 
this  can  even  cause  errors  on  the  server  if  the  loss  of  con¬ 
nection  occurs  in  the  middle  of  a  transaction. 

WLAN  switches  can  compensate  for  the  periodic  dis¬ 
connected  state  of  mobile  devices  as  users  roam  through 


Thin  is  in  While  Cisco  is  currently  the  market  leader  in  wireless  LANs  with  its  thick  access  point 
architecture,  the  future  belongs  to  the  thin  AP/WLAN  switch  model,  according  to  Synergy  Research. 
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coverage  holes.  The  switch  is  smart  enough  to  know  that 
a  mobile  device  no  longer  has  a  wireless  connection  to 
the  access  point.  The  switch  continues  to  maintain  the 
applicable  connection  with  the  application  server.  The 
worst  case  is  users  might  experience  application  delays, 
but  the  application  remains  available  and  ready  to  start 
where  it  left  off. 

Another  issue  is  that  voice-over-WLAN  (VoWLAN) 
phones  will  drop  calls  as  users  walk  through  areas  where 
signal  strength  is  too  low.  Cisco  publishes  stringent  guide¬ 
lines  for  deploying  WLANs  that  enable  effective  VoWLAN 
operation,  but  most  traditional  thick  access  point  WLAN 
installations  don’t  come  close  to  offering  the  coverage 
and  speedy  handoffs  between  access  points  that 
VoWLAN  applications  require. 

Wireless  switches,  though,  are  designed  to  provide  ade¬ 
quate  handoffs  between  access  points  and  intelligent 
restarts  to  avoid  dropped  calls. 

Improved  management 

Often,  the  costs  associated  with  ongoing  operational 
support  of  a  WLAN  becomes  higher  than  the  initial  cost 
of  hardware  and  software,  unless  you  ensure  that  effective 
management  tools  and  support  methods  are  in  place. 
WLAN  switches  are  designed  to  offer  effective, centralized 
support  necessary  to  realize  an  expected  ROI. Centralized 
management  is  possible  with  wireless  switches,  which 
can  configure,  monitor  and  upgrade  multiple  access 
points  automatically 

For  instance,  a  company  can  interface  an  access  point 
into  a  WLAN  switch,  and  the  switch  automatically  config¬ 
ures  the  access  point.  This  saves  the  time  and  potential 
human  error  of  having  an  administrator  perform  the  con¬ 
figuration.  Also,  the  wireless  switch  immediately  can 
detect  a  failed  access  point  and  alert  appropriate  staff. 

Also,  network  managers  might  not  have  much  experi¬ 
ence  with  radio-based  systems.  An  important  aspect  of 
wireless  switches  is  that  they  offer  a  layer  of  management 
that  reduces  the  need  to  understand  radio  waves.  The 
automated  switch  functions,  such  as  intelligently  restart¬ 
ing  applications  when  connections  are  lost  and  rogue 
access  point  control,  compensate  for  lack  of  wireless  net¬ 
work  skills. 

Because  a  wireless  switch  houses  most  of  the  intelli¬ 
gence  of  the  WLAN,  the  access  points  can  focus  on  radio 
connectivity,  which  usually  keeps  the  prices  of  thin  access 
points  considerably  lower  than  the  thick  access  point 
counterparts.  As  a  result,  a  company  with  thin  access 
points  can  migrate  to  newer  technologies  at  lower  costs. 
The  corresponding  changes  to  the  rest  of  the  network  can 
be  done  through  software  upgrades  on  the  switches. 

While  it  might  be  tempting  to  use  the  current  wired 
Ethernet  network  to  interconnect  access  points,  the 
improvements  in  security  performance  and  management 
when  deploying  a  wireless  switch  likely  will  make  the  ROI 
much  better  in  the  long  run. 

Just  keep  in  mind  that  you  probably  won’t  be  able  to  use 
third-party  access  points  and  still  realize  all  the  benefits 
touted  by  the  wireless  switch  maker. 

That’s  not  too  much  of  a  problem  for  Cisco  shops 
because  they  can  choose  Airespace  and  still  be  within 
the  realm  of  Cisco  for  their  entire  network.  But  companies 
with  non-Cisco  infrastructures  probably  will  need  to  use 
access  points  from  the  wireless  switch  vendor,  which 
probably  will  be  different  from  the  vendor  of  the  wired 
network. 

Geier  is  the  founder  and  principal  consultant  of  Wireless- 
Nets,  ( WLUw.wireless-nets.com ),  a  consulting  firm  focusing 
on  the  implementation  of  wireless  mobile  solutions  and 
training.  He  is  the  author  of  the  books  Wireless  LANs  and 
Wireless  Networks  —  First  Step. 


Wireless 


Cost,  complexity  and  interoperability  issues  could  slow 
adoption  of  802.1 1  i  wireless  security  standard. 
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Eye  on  802.11i 


■  BY  KEVIN  FOGARTY 

Vendors  will  tell  you  that  upgrading  from  the  interim  security 
standard  Wi-Fi  Protected  Access  to  the  fully  baked  802.1  li  pro¬ 
tocol  will  be  fairly  simple,  straightforward  and  worth  the  effort. 
But  analysts  and  end  users  warn  that  there  are  lots  of  wrinkles  to 
an  802.1  li  upgrade,  including  the  fact  that  you  might  have  to  buy 
new  hardware.  After  analyzing  costs  and  other  issues,  some  users 
have  decided  that  WPA  is  good  enough  for  now. 


At  the  very  least,  moving  to  802.1  li  means  man¬ 
aging  firmware  upgrades  on  both  access  points 
and  clients.  That’s  if  you  have  relatively  new  hard¬ 
ware.  If  not,  you’ll  have  to  swap  out  your  old  gear 
for  new  access  points  that  can  handle  Advanced 
Encryption  Standard  (AES)  encryption. 

Plus,  you’ll  need  to  install  authentication 
servers  and  certificate-authority  servers  (if  you 
don’t  already  have  one  in  place),  and  add  a 
whole  new  protocol  to  the  networks.  That’s 
because  802.1  li  manages  the  encryption  part  of 
wireless  LAN  security,  but  you  also  need  authen¬ 
tication,  which  means  implementing  802. IX, 
another  relatively  new  protocol. 

“Anyone  who  tells  you  it’s  simple  is  not  telling 
you  the  straight  story,”  says  Kenneth  Dulaney,  an 
analyst  at  Gartner.“You’re  adding  two  encryption 
methods  and  one  authentication  scheme.  That’s 
not  simple.” 

WPA  uses  temporal  key  integration  protocol 
(TK1P)  encryption,  while  802.1  li  uses  AES. 
Because  WPA  is  a  subset  of  the  fuller-featured 
802.1  li,  WPA-enabled  access  points  usually  can 


support  both  encryption  methods. 

“If  you  have  first-generation  access  points, 
you’ve  just  inherited  a  doorstop,”  says  Michael 
Disabato,  networking  service  director  at  Burton 
Group.  “That’s  not  the  worst  thing  in  the  world 
because  there  are  numerous  reasons  you  want 
the  older  stuff  to  go  away  if  you  can  afford  it.The 
receivers  are  better,  they  have  better  range.  Lots 
of  reasons.” 

What  if  you  can’t  afford  it?  Cost  is  a  major  rea¬ 
son  why  the  Boston  Public  Library  is  holding  off 
on  an  802.1  li  upgrade,  according  to  Systems 
Officer  Carolyn  Coulter. 

The  library  provides  free  wireless  access  in  its 
public  rooms  for  patrons  and  staff,  so  the  net¬ 
work  has  to  be  pretty  open.“We  never  know  what 
kind  of  equipment  the  public  is  going  to  walk  in 
with,”  Coulter  says. 

Coulter  runs  Cisco  equipment  on  both  wired 
and  wireless  networks,  but  uses  a  Bluesocket 
wireless  gateway  for  access  control  and  encryp¬ 
tion,  rather  than  WPA. 

See  802.1  li,  page  44 


The  802.1  X  framework 

Under  802.1X,  users  can  chose  from  a  variety  of  authentication  methods  and  encryption  schemes. 


Wireless  network 


Wired  network 


802.1X-compliant  802.1X  authentication  server  WLAN  switch  or 


©  Client  asks  access  ©  Access  point  ©  Client  sends  identity 


point  for 
permission  to 
send  data  over 
WLAN  network. 


asks  client  to 
verify  its 
identity. 


information  to  authentication 
server,  identity  information  is 
encrypted  using  either  WEP, 
WPA  or  802.11i  encryption 
methods. 


©  Authentication  server  verifies  client’s 
identity.  Authentication  mechanism 
under  802.1X  framework  can  be  EAP, 
LEAP,  EAP-TTLS,  Kerberos,  pre¬ 
shared  token,  etc. 


©Client  sends 
data  to  access 
point. 


■  Wireless  by  the  numbers ...  and  letters 

Wired  Equivalent  Privacy  (WEP):  An  encryption  technique  built  into 
802.1 1  wireless  LANs  using  40-bit  keys. 

802.1X:  An  authentication  standard  for  LANs  and  WLANs,  used  to 
identify  users  before  allowing  their  traffic  onto  the  network. 

Wi-Fi  Protected  Access  (WPA):  An  industry  standard  based  on  a  sub¬ 
set  of  an  early  draft  of  802.1  li. WPA  replaces  WEP’s  keying  mecha¬ 
nism  with  a  more  robust  system,  called  Temporal  Key  Integrity 
Protocol  (TK1P).WPA  adds  a  strong  message-integrity  check  and 
allows  for  authentication  using  802.  IX. 

802.11i:  In  addition  to  all  the  features  in  WPA,  802.1  li 

uses  Advanced  Encryption  Standard  (AES)  as  a  replacement  for 

RC4  encryption. 

Advanced  Encryption  Standard  (AES):  AES  is  the  U.S.  government  stan¬ 
dard  encryption  protocol  that  replaces  Data  Encryption  Standard. 

Certificate  authority:  Independent  organizations  that  verify  the  iden¬ 
tities  of  internal  or  external  network  security  servers,  and  give 
!  those  servers  the  ability  to  do  the  same  for  clients  that  connect  to 
them,  using  encrypted  certificates  that  are  verified  by  the  server 
every  time  the  client  logs  on. 

Extensible  Authentication  Protocol  (EAP):  An  extension  of  Fbint-to-Fbint 

Protocol  that  supports  many  authentication  methods,  including 
Kerberos,  public-key  authentication  and  smart  cards.  In  the  IEEE’s 
802.  IX,  EAP  is  encapsulated  in  LAN  or  WLAN  traffic,  providing  the 
mechanism  for  verifying  the  identity  of  a  user  to  a  RADIUS  or 
other  authentication  server. 

Lightweight  Extensible  Authentication  Protocol  (LEAP):  a  proprietary  ver¬ 
sion  of  EAP  that  Cisco  developed. 

Protected  Extensible  Authentication  Protocol  (PEAP):  a  proprietary 
extended-function  version  of  EAP  that  Microsoft,  Cisco  and  RSA 
Security  developed. 

EAP-Transport  Layer  Security  (EAP-TIS):  another  Microsoft-created 
proprietary  extension,  but  this  one  has  been  accepted  by  the  IETF 
as  a  public  standard. 

EAP-Tunneled  Transport  Layer  Security  (EAP-TTLS),  a  proprietary  proto¬ 
col  developed  by  Funk  Software  and  Certicom;  under  considera¬ 
tion  by  IETF  as  a  new  standard. 

Temporal  Key  Integrity  Protocol  (TKIP):  an  encryption  protocol 
designed  to  provide  more  secure  wireless  encryption  than  WEP 
by  making  keys  more  difficult  to  crack.TKIP  is  the  encryption 
mechanism  for  WPA,  but  is  replaced  by  AES  in  802.1  li,  which  is 
also  known  as  WPA2. 
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CANOBEAM  COMBINES  HIGH-TECH  WITH  LOW  PRICES 


Auto  Tracking  Function 


High  speed  economical 
transmission  up  to  1.25Gbps 
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Provides  High-quality,  reliable 
wireless  communications 
up  to  2km  with  Auto  Tracking 


Requires  no  radio  frequency 
allocations,  permits  or  licenses 


Highly  secure  data  links 


Protocol  independent,  like 
fiber  optic  cable 
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Installation  and  operating  cost 
are  much  lower  than  installing 
fiber  optic  cable 
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•  Economical  FSO  for  data 
transmission  from  20m  to  500m 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Function 

•  DT-MNG100,  Management  Board 
built-in 


•  Provides  high-quality,  reliable 
wireless  communications  from 
100m  to  2km 


•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Function 

•  DT-MNG100;  Management  Board 
built-in 


•  State-of-art  data  transmission  at 
1.25Gbps  for  Gigabit  Ethernet  network 

•  Transmission  distance  from  100m 
to  1000m 

•  3R  Function  (Re-shaping,  Re-timing, 
Re-generating) 

•  Auto  Tracking  Function 

•  DT-MNG100,  Management  Board  built-in 


0M il9H 

KNOW  HOW 

t;.i<U*m.irk<  ol  t  .UKHt  ini.  u’ 1b(,iU|[Mv*(trSdii5s' 

:v  '•  «.  .1  It  VMi.wks  cm  in  oitiFf  » ’  * '•**  *  ‘''iiSn&MffiSSljBKIi 


Find  out  more  at  canobeam.com 

1-800  321-4388  (Canada:  905  795  2012 ) 


:<  cnWsm 

■  »* 


.liul  ni.lv 


'iV*.  i  i  ,*-i  IJ.S  A  .  u  t.inup  <md  i.iunn,kinnv  «m*  t:.i<U»fn.uk<  of  Qtioti  I  n  yi 'ihp4ty>tp<1«it«ii' 


„ 1  ■  .«■ 


Wireless 


44  .vNetw«i;Wop!d:  a  life 


“ANYONE  WHO  TELLS  YOU  IT’S 
SIMPLE  IS  NOT  TELLING  YOU  THE 
STRAIGHT  STORY.  YOU’RE  ADDING 
TWO  ENCRYPTION  METHODS  AND 
ONE  AUTHENTICATION  SCHEME. 
THAT’S  NOT  SIMPLE.” 

—  KENNETH  DULANEY,  analyst,  Gartner 


course,  the  doctors  don’t  like 
it  because  they  have  to 
authenticate  several  times.” 

Cerny  uses  802.11a  access 
points  wherever  feasible,  and 
uses  802.1  lb  for  VoIP  phones; 
the  802.1  lb  access  points  use 
a  list  that  contains  all  the 
media  access  control 
addresses  for  every  phone  in 
the  hospital  system.“lt’s  a  very 

long  list,”  Cerny  says.“But  if  you’re  not  on  it, you  don’t  get 
on  the  network.” 

The  system  leaves  unregulated  hot  spots  in  lobbies  and 
elsewhere,  but  because  no  unauthorized  machines  can 
access  the  internal  network,  Cerny s  not  concerned. “We 
don’t  really  care  if  they  use  your  bandwidth  to  get  on  the 
Internet;  they  can’t  get  to  anything  inside  our  network,” 
she  says. “It’s  a  very  simple  deployment;  very  few  hands 
in  the  cookie  jar’’ 

The  Boston  Public  Library  uses  a  similar  setup  with  a 
Bluesocket  WLAN  gateway  for  the  Wi-Fi  connections  it 
offers  within  its  main  branch,  Coulter  says.  The 

Bluesocket  server  handles 
encryption  and  access 
control  using  both  WPA 
and  IPSec  encryption.  The 
Bluesocket  gear  also  han¬ 
dles  role-based  access  lists 
that  define  access  based 
on  a  user’s  role  in  the  orga¬ 
nization,  broad-based  poli¬ 
cy  management  to  let  net¬ 
work  managers  reconfig¬ 
ure  WLAN  access  more  eas¬ 
ily  and  QoS.  “We  do  make 
people  download  certifi¬ 
cates,  but  otherwise  we  have  to  make  it  as  easy  for  peo¬ 
ple  as  we  can,”  Coulter  says. 


“AT  THE  TIME  WE  INSTALLED  THIS, 
SECURITY  WASN’T  A  DONE  DEAL 
FOR  WIRELESS,  AND  APPARENTLY 
IT’S  STILL  NOT.” 

—  CHRIS  CERNY,  manager  of  enterprise  networking,  Community 
Health  Network  and  the  Indiana  Heart  Hospital 


302.1 1i 

continued  from  page  42 

“We’d  like  to  be  as  up-to-the-minute  as  we  can  with 
security.  But  finances  are  an  issue  because  we’re  a  pub¬ 
lic  entity?’  she  says.  Coulter  would  like  to  migrate  to 
802.1  li, or  add  it  to  her  current  security  options;  but  with¬ 
out  a  pressing  reason,  she’s  one  of  a  number  of  network 
managers  who  seem  comfortable  with  their  present  lev¬ 
els  of  security. 

For  example,  concrete  and  building-materials  con¬ 
glomerate  RMC  Group  is  in  the  middle  of  a  migration  to 
VoIP;  is  updating  and  standardizing  its  mail  servers;  and 
is  updating  its  routers,  switches  and  hubs,  according  to 
Dave  Miller,  project  office  manager  at  RMC  in  Atlanta. 

“We’d  like  to  stay  as  close  as  possible  to  the  latest  secu¬ 
rity  protocols,”  he  says.  “We’re  using  [Wired  Equivalent 
Privacy] ,  and  we  do  have  some  security  concerns,  but 
we’re  focused  on  these  other  projects  and  we’re  under¬ 
going  an  acquisition  [by  Cemex], so  we’re  holding  off  a 
little  for  those  reasons.” 

Alternatives  to  802.1  li 

Other  security  approaches 
might  be  easier  and  more 
cost-effective,  according  to 
Chris  Cerny  manager  of  enter¬ 
prise  networking  at 
Community  Health  Network 
and  the  Indiana  Heart 
Hospital  in  Indianapolis. 

Rather  than  rely  on  WPA  to 
supply  encryption,  every 
approved  device  has  a  VPN 
client  that  encrypts  traffic, 
handles  routing  with  a  DHCP 
server,  then  authenticates  the 
user’s  device  and  password  to  a  Cisco  authentication 
server. 

“At  the  time  we  installed  this,  security  wasn’t  a  done 
deal  for  wireless,  and  apparently  it’s  still  not,”  Cerny  says. 
“We  figured,  whatever  the  methodology  of  the  day  was, 
we  already  had  a  VPN  concentrator,  [access  control  list] 
and  Cisco  authenticator,  and  that  all  works  very  nicely  Of 


Look  before  you  LEAP 

Interoperability  is  a  potential  land  mine  for  users. 
Dulaney  says  that  while  802.  lli  encryption  protocols  are 
fairly  standard,  the  authentication  methods  in  802.  IX 


aren’t.“The  802.  IX  spec  is  not 
hard  and  fast,  there  are  inter¬ 
pretations  to  be  made,”  he 
says,  which  means  each  ven¬ 
dor’s  version  could  be  slightly 
different  from  every  other’s. 

Most  vendors  use  the 
Extensible  Authentication 
Protocol  (EAP)  to  communi¬ 
cate  port-access  requests 
between  the  client  and  the 
access  point.  But  EAP  packets  only  carry  the  requests; 
the  protocol  doesn’t  include  descriptions  of  how  to  man¬ 
age  the  authentication  itself.  For  that,  you  have  to  pick 
one  of  several  EAP  implementations,  including  Transport 
Layer  Security  (EAP-TLS)  or  EAP  Tunneled  Transport 
Layer  Security  (EAP-TTLS),  any  of  which  are  acceptable 
under  the  802.  IX  framework,  but  not  all  of  which  are 
interoperable. 

Cisco  developed  Lightweight  Extensible  Authentica¬ 
tion  Protocol  (LEAP).  But  testers  showed  that  LEAP 
could  be  cracked  by  a  simple  dictionary  attack, so  Cisco 
is  replacing  it  with  a  new  EAP-FAST  (Flexible  Auth¬ 
entication  via  Secure  Tunneling). 

Yet  another  twist  comes  from  Microsoft,  which  devel¬ 
oped  a  Protected  EAP  (PEAP)  with  help  from  Cisco  and 
RSA  Security  Unlike  EAP-FAST,  in  which  both  client  and 
server  are  issued  keys  before  any  communication  takes 
place,  PEAP  relies  on  certificates  that  have  to  be  generated 
by  an  authentication  server.  Microsoft  ships  PEAP  in  some 
versions  of  Windows  XR  providing  certificates  using  its 
Microsoft  Challenge-Handshake  Authentication  Protocol 
(MS-CHAP)  or  Cisco’s  Generic  Token  Card  certificate. 

Almost  any  kind  of  certificate  is  allowed  under  802.  IX 
as  is  any  authentication  protocol,  according  to  Shripati 
Acharya,  director  of  product  management  in  the  wire¬ 
less  networking  business  unit  at  Cisco. 

The  bottom  line,  according  to  Dulaney:  “Even  if  you  do 
see  802.1  li  certification  on  a  product,  you  probably 
won’t  be  able  to  make  every  product  work  with  every 
other  product.  You  have  to  ask  vendors  what  products 
they’re  certified  for.” 

Certification  trepidation 


How  did  we  get  here? 


M  Aff  ired  Equivalent  Privacy,  the  original  wireless 
■nV  security  protocol,  used  40-digit  and  128-digit 
WW  keys  encrypted  using  an  algorithm  called 
RC4.  With  WEP,  each  client  machine  was  assigned 
one  key  per  session.  WEP  was  cracked  in  the  sum¬ 
mer  of  2001  and  has  since  been  a  weak  link  in  the 
wireless  security  chain. 

Combining  WEP  with  the  802. IX  authentication 
protocol  improved  things  by  forcing  a  WEP  client  to 
ask  for  access  to  the  network,  using  the  Extensible 
Authentication  Protocol  (EAP)  built  into  802. IX. 

Wireless  vendors  developed  Wi-Fi  Protected 
Access  (WPA)  to  increase  the  encryption  by  using 
another  technique  called  Temporal  Key  Integration 
Protocol  (TKIP),  which  changes  the  key  used  by 
each  client  several  times  during  each  session. 

A  major  part  of  WPA's  security  was  to  come 
from  the  replacement  of  RC4  with  a  stronger  algo¬ 


rithm  called  the  Advanced  Encryption  Standard 
(AES),  which  was  developed  for  the  U.S.  military  by 
the  National  Institute  of  Standards. 

Developing  the  protocol  using  AES  and  getting  all 
the  vendors  to  sign  off  on  the  specifics  took  time 
the  vendors  didn’t  have,  however.  To  meet  rising 
demand,  most  released  products  that  used  TKIP 
instead  of  AES,  and  it  was  still  called  WPA. 

The  fully  baked  version  of  802. Hi,  which  many 
vendors  and  integrators  still  refer  to  as  WPA2, 
replacesTKIP  with  AES,  and  wasn't  approved  by 
the  IEEE  until  June  2004. 

Products  have  been  undergoing  compatibility 
testing  at  the  labs  of  the  Wi-Fi  Alliance  —  a  consor¬ 
tium  of  vendors  that  develops  and  certifies  wireless 
specifications,  and  started  to  hit  the  market  early 
this  year. 

—  Kevin  Fogarty 


Finally  many  end  users  shy  away  from  using  certificate- 
based  systems  of  any  kind,  says  Jeff  Keenan,  a  principal 
at  integrator  Keenan  Systems  in  Hartford,  Conn.  It’s  just 
too  complicated  to  have  a  certificate  server  authenticat¬ 
ed  by  an  external  authority  so  it  can  issue  certificates, 
then  keep  the  certificates  on  servers  and  mobile  clients 
fully  synchronized. 

“1  only  work  with  two  or  three  companies  that  have  cer¬ 
tificates,  and  at  least  one  has  a  whole  department  to 
manage  it.  Other  companies  use  RSA,  hard  tokens  or 
other  ways  to  get  around  issuing  certificates,”  he  says.“It’s 
a  big  headache  even  once  it’s  running.” 

But  IT  and  security  professionals  realize  that  they 
could  face  even  bigger  headaches  if  they  don’t  at  some 
point  upgrade  to  the  most  advanced  wireless  security 
standards. 

Disabato  says, “There’s  a  lot  of  regulatory  fear  out  there 
for  people  affected  by  [Health  Insurance  Portability  and 
Accountability  Act],  Sarbanes-Oxley,  Gramm-Leach 
Bliley.  People  are  nervous.  If  you  get  caught  on  something 
under  Sarbanes-Oxley,  and  you  have  WPA2  running,  you 
can  at  least  say  you  did  the  best  you  could  with  the  tech¬ 
nology  that  was  available.” 

Fogarty  is  a  freelance  writer  in  Sudbury,  Mass.  He  can  be 
reached  at  kevinjfogarty@yahoo.com. 
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New  hybrid  networks  will  make  life  easier  for  power 
users  on  the  go. 


When  Wi-Fi  meets  cellular 


■  BY  JEFF  VANCE 

Wouldn’t  it  be  nice  if  you  had  a  dual-mode  phone  that  let  you  talk  via  voice 
over  Wi-Fi  when  you’re  in  the  office,  warehouse  or  hospital,  and  then  seam¬ 
lessly  switched  over  to  cellular  when  you  were  outside  the  coverage  area  of 
your  wireless  LAN. 


That’s  the  promise  of  new  converged  or  hybrid  services 
that  will  become  available  sooner  than  you  think.  The 
benefits  are  increased  mobility,  productivity  and  conve¬ 
nience,  not  to  mention  some  cost  savings. 

Of  course,  there  are  trade-offs.  This  hybrid  service  means 
replacing  a  public  switched  telephone  network  (PSTN) 
service  with  a  VoIP  service  running  over  a  broadband 
Internet  connection. 

Compared  with  VoIP  reliability  and  call  quality  are  both 
superior  on  the  PSTN,  while  the  calls  are  fairly  inexpensive. 
Moreover,  indoor  coverage  can  be  spotty  making  many 
users  wary  of  abandoning  that  fixed-line  phone  altogether. 

And  without  a  reliable  system  for  LAN  to  WAN  handoffs, 
many  calls  initiated  on  the  cellular  network  will  remain  on 
that  network  for  the  call’s  duration,  regardless  of  whether 
there  is  a  better  WLAN  signal  available. 

The  question  for  the  IT  executive  is  whether  it’s  in  the 
company’s  best  interest  to  trade  away  some  degree  of  reli¬ 
ability  and  call  quality  for  cost  savings  and  mobility  For 
now,  it’s  a  tough  call,  but  as  VoIP  becomes  more  reliable 
and  as  the  bridging  technology  between  these  networks 
becomes  more  sophisticated,  the  scales  will  tip  in  favor  of 
converged  services. 

The  Mure  isn’t  that  far  away 

Although  most  carriers  have  shown  interest  in  fixed- 
mobile  convergence,  one  carrier  actually  has  begun 
deployments. 

T-Mobile  offers  the  dual-mode  iPaq  H6315,  which  lets 
users  switch  between  GSM/General  Packet  Radio  Service 
(GPRS)  and  Wi-Fi  networks  as  they  travel.  “The  device 
automatically  notifies  you  as  you  enter  a  Wi-Fi  hot  spot  and 
switches  to  the  fastest  network  available,  allowing  you  to 
maintain  your  Internet  session  as  you  travel  from  your 
home,  to  Starbucks,  to  the  airport,  to  a  business  meeting 
and  to  your  hotel,”  says  Todd  Achilles,  director  of  handset 
product  management  at  T-Mobile. 

According  to  Achilles,  the  current  GSM/GPRS  network 
provides  wide-area  coverage  for  applications  to  which  cus¬ 
tomers  want  constant  access,  such  as  e-mail  and  calendar, 
while  users  can  turn  to  broadband  hot  spots  when  they 
need  to  access  larger  data  files. 

On  an  even  more  ambitious  scale,  Avaya  recently  teamed 
with  Motorola  and  Proxim  to  develop  a  fixed-mobile  offer¬ 
ing  targeted  at  corporations.  All  you  need  is  a  dual-mode 
phone  from  Motorola,  Session  Initiation  Protocol  (SIP)- 
enabled  IP  telephony  software  from  Avaya,  and  a  voice- 


enabled  WLAN  infrastructure  from  Proxim.Trials  are  under¬ 
way,  with  general  availability  slated  for  this  spring. 

Within  the  enterprise,  Motorola’s  dual-mode  phone  con¬ 
nects  with  a  Proxim  WLAN  access  point  and  functions  as 
aVoIP  phone.As  a  user  moves  out  of  the  office, the  phone 
acts  as  a  GSM  cell  phone.  A  wireless  gateway  jointly  devel¬ 
oped  by  Proxim  and  Avaya  manages  the  handoff  between 
the  two  networks,  while  Avaya’s  SIP-based  IP  telephony 
software  pushes  features  commonly  associated  with  desk 
phones, such  as  conferencing,  out  to  the  mobile  handset. 
The  handset  also  can  access  data  applications  on  both 
networks. 

According  to  Frank  Lovasco,  mobility  solutions  practice 
leader  at  Avaya,  cost  savings  will  exist,  but  cost  won’t  be  the 
biggest  draw  initially  “In  terms  of  what  will  motivate  an 
enterprise  to  make  this  switch, you  have  to  think  in  terms  of 
business  continuity  he  says. 

Early  adopters  will  be  high-value  users  such  as  execu¬ 
tives,  doctors,  lawyers  and  salespeople.  Saving  airtime  min¬ 
utes  isn’t  a  big  deal  to  them  —  they  already  buy  big  buck¬ 
ets  of  minutes  —  but  having  a  single  point  of  contact  is  a 
big  deal.  Added  to  that  is  a  converged  service  that  pushes 
important  features  such  as  conference  calling  from  the 
desk  to  the  mobile  phone, 
meaning  that  these  users 
are  more  productive  when 
on  the  move. 

The  new  service  “allows 
you  to  access  all  of  your 
important  applications,  be 
they  voice  or  data,  from  a 
single  device,”  he  says,  not¬ 
ing  that  Avaya’s  SIP-based 
software  adds  features  such 
as  presence  while  simplify¬ 
ing  a  user’s  life  beyond  just  the  subtraction  of  devices.“You 
now  have  one  point  of  contact,  one  phone  number  where 
you  can  be  reached  all  of  the  time,  as  well  as  a  single  voice 
mail  box,”  he  says. 

The  seams  are  still  visible 

These  two  early  offerings  still  have  some  wrinkles  to  be 
worked  out. 

As  of  now,  billing  is  not  centralized. Users  still  would  pay 
a  carrier  for  the  cellular  plan,  while  the  VoIP  calls  within 
the  company  would  be  rolled  in  with  the  corporation’s 
telephony  plan. 


Also,  these  services  don’t  shield  users  from  the  underly¬ 
ing  networks.  In  other  words,  while  T-Mobile’s  service 
informs  you  when  a  new  network  is  available,  you  must 
finish  your  session  and  reconnect  with  the  new  network. 
With  the  Avaya/Proxim/Motorola  offerings,  the  corporate 
network  is  the  only  network  where  you  get  guaranteed 
Wi-Fi  connectivity.  Currently  the  solution  does  not  inte¬ 
grate  hot-spot  access. 

For  fixed-mobile  convergence  to  really  fly  it  needs  is  the 
seamless  handoff  between  various  Wi-Fi  networks  and  cel¬ 
lular  networks,  with  users  maintaining  their  sessions  and 
with  the  underlying  networks  essentially  invisible  to  them. 

“There  is  still  a  lot  of  work  to  be  done  to  improve  the 
handoff  capabilities,”  says  Phil  Solis,  a  senior  analyst  at  AB1 
Research.  Unlicensed  Mobile  Access  (UMA)  “could  help, 
but  in  the  end  what  networks  you  can  roam  to  might  be 
determined  by  your  carrier  and  the  bundle  you  sign  up  foF 

UMA  technology  is  a  set  of  specifications  for  linking  cel¬ 
lular  networks  and  unlicensed  spectrums  such  as  802.11 
and  Bluetooth. 

Start-ups  push  middleware  products 

A  number  of  start-ups  have  emerged  to  tackle  the  issues 
involved  with  linking  these  divergent  networks.  BridgePbrt 
Networks,  Kineto  Wireless,  IBiS  Telecom  and  LongBoard  all 
intend  to  bring  products  to  market  that  enable  fixed- 
mobile  convergence. 

These  products  reside  in  the  core  of  the  carrier  net¬ 
work, and  bridge  mobile  and  IP  networks.  To  link  net¬ 
works,  these  products  typically  use  a  roaming  technology 
that  extends  a  user’s  mobile-phone  identity  over  an  IP  net¬ 
work,  translating  from  Signaling 
System  7  on  one  end  to  SIP  on 
the  other.  All  the  products  are 
designed  to  extend  a  user’s 
mobile  identity  to  IP  networks, so 
a  user’s  phone  number  and  ses¬ 
sion  remain  the  same,  regardless 
of  location.  These  start-ups  also 
focus  on  additional  features, 
such  as  session  persistence  and 
single  sign-on  authentication. 
Executives  at  Bridgeport  em¬ 
phasize  the  benefits  of  a  single  subscriber  identity. 
“Today’s  highly  mobile  professional  has  several  different 
points  of  contact,  a  desk  phone,  a  mobile  phone  and 
maybe  a  couple  of  e-mail  addresses,"  says  Sanjay  Jhawar, 
Bridgeport’s  senior  vice  president  of  marketing  and  busi¬ 
ness  development.  “With  fixed-mobile  convergence,  not 
only  do  you  converge  the  networks,  but  you  also  con¬ 
verge  the  points  of  contact  for  the  individuals  you  serve. 
In  certain  verticals,  such  as  healthcare,  this  is  a  very  valu¬ 
able  service. 

“A  fixed-mobile  solution  also  needs  to  extend  services 

See  Wi-Fi,  page  49 


“YOU  NOW  HAVE  ONE  POINT  OF 
CONTACT,  ONE  PHONE  NUMBER 
WHERE  YOU  CAN  BE  REACHED  ALL 
OF  THE  TIME,  AS  WELL  AS  A 
SINGLE  VOICE  MAIL  BOX.” 

—  FRANK  LOVASCO,  mobility  solutions  practice  leader,  Avaya 


boss  excited  about  new  servers 
saving  money  instead. 
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Economical  HP  BladeSystem  solutions  feature  the  high-performance  Intel®  Xeon™  Processor.  And  they  let  you  do  more  with  less.  By 
sharing  and  pooling  servers,  storage  and  network  resources,  you  can  virtualize  and  automate  more  processes.  And  HP  BladeSystem 
solutions  not  only  offer  lower  total  acquisition  costs,  they  also  allow  the  same  number  of  people  to  manage  more  IT— offering  you  a 
better  return.  Normally,  upgrading  to  more  sophisticated  technology  comes  with  a  hefty  price  tag.  Instead,  you'll  get  more  expertise 
before  you  buy,  more  technology  when  you  buy  and  more  support  after.  None  of  which  will  cost  more. 


HP  ProLiant  BL30p  Blade  Server 


THE  SOLUTION 

THE  BENEFITS2 

•  2  Intel®  Xeon™  Processors  DP  up  to  3.20GHz/2MB' 

•  High  density:  Up  to  96  servers  per  rack 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager1'*':  Web-based 
networked  managment  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment 
and  ongoing  provisioning  and  reprovisioning 

•  23%  savings  on  acquisition  cost 

•  Up  to  19%  less  power  consumption 

•  Up  to  93%  fewer  cables 

•  43%  less  space  needed  for  same  processing  power 

•  Hot-swappable  server  design 

•  Single  interface  for  local  and  remote  management 
of  servers,  storage,  software  and  networking 

SAVE  $500  INSTANTLY 

with  the  purchase  of  any  HP  BladeSystem  enclosure.3 


Enhance  your  system. 


HP  StorageWorks 
MSA1500cs 

-  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

-  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

-  Ability  to  mix  SCSI  and  Serial  ATA 
enclosures  for  greater  flexibility 

-  2GB/ 1GB  Fibre  connections  to  host 

GET  UP  TO  2TB 
OF  STORAGE  FREE4 
(Save  up  to  $3,192) 


Contact  HP  today  for  a  free  IDC  white  paper:  Adapting 
to  Change:  Blade  Systems  Move  into  the  Mainstream 


click  www.hp.com/go/Bladesmag22 


call  1-866-356-6088 


visit  your  local  reseller 

1 .  Intel's  numbering  is  not  a  measurement  of  higher  performance.  2.  Based  on  internal  HP  testing;  compared  to  similarly  configured  HP1U,  2P  server.  For  configurator,  please  visit:  http://h30099.www3.hp.com/configurator/catalog-issipc.asp.  3.  Offer  valid  through  4/30/05. 4.  Receive  up  to  2TB  of  storage  free  with  purchase 
of  select  HP  StorageWorks  MSA1 500  devices.  Offer  ends  on  3/31/05.  See  Web  site  for  full  details.  Intel,  Intel  logo,  Intel  Inside,  Intel  Inside  Logo,  Intel  Centrino,  Intel  Centrino  Logo,  Celeron,  Intel  Xeon.  Intel  SpeedStep,  Itanium  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiai.es  in 
the  United  States  and  other  countries.  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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Top  10  data  center  dangers 

By  Deni  Connor 

Network  World  Servers  Newsletter 

Infrastructure  Development  Corporation  (IDC-MCS)  surveyed  more  than  300 
data  centers  to  determine  the  top  data  center  dangers. 

The  IT  consultancy  urges  companies  to  examine  the  physical  infrastructures 
in  their  data  centers  and  other  mission-critical  facilities  to  find  and 
fix  flaws. 

IDC-MCS  says  that  as  data  centers  age  or  as  equipment  density  increases, 
it  is  not  uncommon  to  find  that  the  HVAC,  uninterruptible  power  supplies 
(DPS)  or  cable  management  systems  are  becoming  over-burdened. 

....  The  fifth  is  also  a  familiar  danger  -  overheated  data  centers. 

As  new  equipment  is  added  to  older  data  centers,  it  can  strain  cooling 
systems.  Blade  and  rack-dense  servers  are  often  the  cause  of  these 
problems,  IDC-MCS  says . 


Find  this  article  at 

www.nwfusion.com/go/2servers.htm! 

For  other  great  newsletter  topics,  go  to 
www.nwfusion.com/go/nt031 4.html 


We  just  spent  almost  $70  million  researching 
solutions  to  tomorrows  server  problems 
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Why  not  spend  a  few  minutes  with  us? 

We  talked  to  thousands  of  customers  from  Baltimore  to  Beijing  and  saw 
the  good,  the  bad,  and  the  ugly  measures  customers  took  in  their  data 
center  planning.  In  many  cases,  turnover  and  budget  cuts  resulted  in  no 
plan  at  all. 

Do  you  and  your  staff  know  the  top  ten  planning 
mistakes  to  avoid?  The  easiest  way  to  improve 
cooling  without  spending  a  dime? 

Find  these  answers  and  more  -  in  our  latest 
selection  of  white  papers.  Take  advantage  of 
our  valuable  research  today  and  save 
yourself  money  and  headaches  tomorrow. 

If  you  would  like  more  information  about 
APC's  availability  solutions  visit  us  online  at 

www.apc.com.  Legendary  Reliability* 
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What  type  of  availability  solution  do  you  need? 

□  UPS:  0-16kVA  (Single-phase)  □  UPS:  10-80kVA  (3-phase  AC)  □  UPS:  80+ kVA  13-phase  AC]  □  DC  Power 
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Wi-Fi 

continued  from  page  46 

from  one  network  to  the  other,  such  as 
enabling  [Short  Messaging  Service]  on  Wi¬ 
Fi,”  says  Steven  Shaw,  director  of  marketing 
for  Kineto  Wireless.“Users  need  to  have  the 
same  access  to  applications  and  the  same 
user  features  as  they  had  before,  or  they 
won’t  be  satisfied.” 

However,  the  bridging  technology  is  only 
one  piece  of  the  puzzle.  Another  must-have 
is  the  dual-mode  handset  that  switches 
seamlessly  between  networks.  “For  broad 
handset  support,  the  industry  first  needed 
an  appropriate  standard  for  fixed-mobile 
convergence,”  Shaw  says. 

This  is  where  UMA  comes  in.  It  will  be 
part  of  Release  6  of  3rd  Generation  Part¬ 
nership  Program,  and  as  a  result  handset 
manufacturers  now  have  specifications  to 
build  to.  On  the  heels  of  these  develop¬ 
ments,  ABI  Research  predicts  that  there  will 
be  more  than  50  million  dual-mode  hand¬ 
sets  worldwide  by  the  end  of  2009. 

What's  the  benefit  to  IT? 

The  most  immediate  benefit  to  an  IT 
staff  will  be  cost.  However,  quantifying 
actual  cost  savings  is  something  that  car¬ 
riers,  vendors  and  even  analysts  seem 
reluctant  to  do.  Although,  the  basic  logic 
goes  something  like  this:  A  large  number 
of  mobile  calls  placed  within  the  corpo¬ 
ration  are  actually  intra-enterprise  calls. 
With  a  converged  service,  those  calls 
would  be  free.  Mobile  calls  placed  within 
a  corporation  but  going  to  the  outside 
world  also  would  be  less  expensive  going 
over  the  Internet  than  over  the  cellular 
network. 

“Already  you  have  large  enterprises  play¬ 
ing  hardball  with  carriers,”  Bridgeport’s 
Jhawar  says.“Certain  large  enterprises  are 
telling  the  telcos  that  they  will  no  longer 
pay  for  on-campus-to-on-campus  calls.”  If 
this  is  true,  it  means  that  convergence  ulti¬ 
mately  will  benefit  the  carrier  —  which  in 
essence  is  able  to  extend  its  network 
without  adding  capacity. 

“Basically,  increased  mobility  equals 
increased  productivity”  Kineto’s  Shaw 
says.  “The  user  experience  of  data  appli¬ 
cations  on  phones  is  also  greatly 
improved  when  you  have  broadband.” 

“A  converged  solution  is  a  more  secure 
solution,”  Avaya’s  Lovasco  says.“With  con¬ 
vergence,  enterprises  are  able  to  regain 
control  of  their  mobile  user  base.” 

When  will  we  see  converged 
services? 

That  depends  on  what  you  mean  by 
“converged."  T-Mobile  provides  a  dual¬ 
mode  service,  although  it  lacks  session 
persistence.  Bridgeport  and  Kineto  have 
both  been  in  trials  with  carriers  — 
BridgePbrt  with  Bell  Canada  and  Kineto 
with  AT&T  Wireless.  The  Avaya/Proxim/ 
Motorola  offering  is  due  out  in  the 
spring. 

As  for  carrier  offerings,  timetables  are  still 
up  in  the  air.  “Actually,  the  cable  operators 
may  be  the  first  movers  in  this  space,” 
Jhawar  says.  “Many  are  looking  to  partner 


with  [mobile  virtual  network  operators] ,  as 
evidenced  by  the  recent  announcement 
between  EarthLink  Wireless  and  SK  Tele¬ 
com.  Convergence  is  perfect  for  [mobile 
virtual  network  operators].  They’re  not 
responsible  for  maintaining  networks,  so 
they  are  freer  to  focus  on  convergence  and 
the  benefits  that  come  with  it.” 


Vance  is  a  freelance  technology  writer  and 
president  of  Sandstorm  Media  ( www.sand 
stormmedia.net).  He  focuses  on  trends  in 
wireless  communications ,  next-generation 
networking,  security  and  Internet  infrastmc- 
ture.  He  can  be  reached  at  jeff@sandstorm 
media.net. 
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www.mrv.com/nw 


Connectivity  UnlimitedrM 


1-800-338-5316  , 


Looking  to  Reduce  Cost  while  Deploying 
New  and  Improved  Services? 


MRV  has  it  all 

MRV  will  help  you  reduce  costs  and  offer  new  and  improved  services  while  simplifying  deployment  to  your 
customer.  MRV  provides  industry  leading  solutions  for  Optical  Ethernet  Access  (including  802.3  AH),  Intelligent 
Ethernet  Demarcation,  10  Gigabit  Layer  2/3  switches  with  innovative  QoS  and  MPLS/VPLS  in  the  access.  With  the 
broadest  range  of  solutions,  MRV  provides  everything  from  carrier  managed  media  converters  all  the  way  to  high 
performance  MPLS  VPN  demarcation  products,  as  well  as  Ethernet  over  wavelength  platforms.  Carriers  need  an 
array  of  Customer  Edge  solutions  and  MRV  has  the  most  comprehensive  set  in  the  industry. 
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Anti-spam  technology  failing?  Well... 


SCAMMED! 


Meridius  Security  Gateway 

99%  spam  detection  rate, 

0%  false  positives, 

100%  virus  blocking* 


Call  1.866.895.6931  and  get  a  $5000*  trade-in  credit 


*  Contact  a  BlueCat  Networks  representative  for  promotion  details.  Limited  time  offer.  Promotion  code:  BCN-M105 
t  "Scanning  for  Spam",  Network  Computing  Magazine  Oct.  28,  2004 


<$>  INSIDE-THE-DDMAIN" 

www.bluecatnetworks.com/subscribe 


e  t  w  o  r  k  s.  simplified 


Call  us 


Schedule  your  free  demo  today. 
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Meridius  Security  Gateway 
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www.nwfusion.com 
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CAREER  DEVELOPMENT 
PROJECT  MANAGEMENT 
BUSINESS  JUSTIFICATION 


Compliance  burdens 

Regulatory  requirements  have  IT  jumping  through  hoops  to  meet  them, 
although  these  mandates  are  also  driving  bigger  security  budgets. 


A  five-part  series  on  how  to 

®tum  challenges  into 
opportunities. 


■  BY  ELLEN  MESSMER 

Editor's  note:  This  is  the  fourth  installment  of  a 
five-part  series  on  the  threats  facing  IT  executives 
and  how  to  mitigate  them. 


As  challenging  as  the  security 
demands  imposed  by  some  new 
regulatory  requirements  have  been, 
they’ve  also  presented  IT  managers  with 
a  golden  opportunity  to  make  network 
improvements. 

Of  particular  influence  have  been  the  Sarbanes-Oxley  (SOX)  Act’s  financial  reporting 
standards  for  publicly  traded  companies  and  the  Health  Insurance  Portability  and 
Accountability  Act  (HIPAA),  federal  security  rules  for  patient  data  that  take  effect  next 
month  for  healthcare  organizations. 

For  companies  that  spent  several  months  striving  to  understand  SOX  or  HIPAA,  the 
requirements  brought  good  news:  For  some  IT  departments,  upper  management  gener¬ 
ously  opened  purse  strings  to  acquire  new  auditing  and  security  protections. 

“SOX  was  very  much  a  driver  for  getting  Configuresoft’s  Enterprise  Configuration  Man¬ 
ager  and  other  tools,”  says  Bill  Randall,  IT  director  at  Red  Robin  Gourmet  Burgers,  a 
Greenwood  Village,  Colo.,  restaurant  chain. 

Configuresoft’s  ECM,  which  Red  Robin  added  to  30  servers  and  about  200  workstations, 
documents  and  tracks  operating  system  and  application  configurations  and  password 
changes,  while  ensuring  compliance  with  a  written  policy 

According  to  Randall,  that  capability  helps  meet  the  SOX  requirements  that  organiza¬ 
tions  document  their  systems  for  auditing  purposes. 

“When  we  knew  SOX  was  coming  down  the  pike,  we  used  it  as  an  opportunity  to  bet¬ 
ter  document  our  procedures  because  we  know  this  will  be  part  of  the  financial  audit, 
which  includes  the  SOX  audit,  that  our  auditor  Deloitte  will  do  later  this  year,”  Randall 
explains. “The  IT  audit  is  a  big  part  of  that  review  because  IT  is  the  gatekeeper  for  the 
financial  controls.” 

Manual  documentation  and  audit 
and  policy-enforcement  process 
would  have  taken  Red  Robin’s  IT 
department  more  than  12  hours,  but 
automating  the  process  through  ECM 
reduced  it  to  10  minutes. 

Red  Robin  also  deployed  the  NetlQ 
Security  Manager  to  centrally  monitor 
and  analyze  network  logs  across  the 
network,  which  included  firewalls  and 
intrusion-prevention  systems. 

“At  the  beginning  of  the  year,  we  had¬ 
n’t  budgeted  for  all  this,”  Randall  says 
of  the  unexpected  bonanza.  But  as  the 
company  examined  its  own  practices, 
it  became  clear  that  SOX  compliance 


CHALLENGE 

Regulatory  requirements  such  as  SOX 
and  HIPAA  are  placing  tougher  security 
and  auditing  demands  on  companies. 

RESPONSE 

Establishing  a  dialogue  between  IT  and 
business  leaders  can  further  the  deploy¬ 
ment  of  needed  security  systems  by 
defining  them  in  terms  of  how  they  help 
achieve  regulatory  objectives  rather  than 
simply  proposing  them  in  complex  tech¬ 
nology  terms. 


would  mean  hiring  more  systems  experts 
or  implementing  better  automation  —  and 
Red  Robin  opted  for  the  latter. 

United  Parcel  Service  (UPS),  which  has 
360,000  employees,  is  choosing  to  ap¬ 
proach  SOX  compliance  by  deploying 
security  best  practices  across  the  board. 
UPS  is  giving  everyone  the  handheld 
dynamic-password  token  SecurlD  from 
RSA  Security  for  two-factor  authentica¬ 
tion  to  remotely  access  applications  such 
as  payroll  benefits.  The  worldwide  pack¬ 
age  delivery  firm  also  is  using  IBM  Tivoli’s 
identity  management  software  to  auto¬ 
mate  user  provisioning. 

“Sarbanes-Oxley  has  been  a  way  to  improve 
audits  for  compliance  reasons,” says  Jim  Flynn,  systems 
manager  for  security  policy  and  strategy  at  UPS  in  Atlanta. 

Regulations  such  as  SOX  and  HIPAA  don’t  exactly  spell  out  what  technologies  must  be 
used  to  stay  on  the  safe  side  of  the  law.  However,  many  IT  managers  appear  convinced  that 
regulatory  compliance  in  the  end  will  come  down  to  the  commonsense  notion  of  best 
practices  in  management  of  identity  passwords,  system  logs  and  vulnerability  assessment. 

“For  HIPAA,  we  needed  to  more  robustly  manage  IDs,” says  Buddy  Gillespie, CIO  and  vice 
president  at  WellSpan  Health,  a  healthcare  provider  in  Southeast  Pennsylvania,  which  de¬ 
ployed  Courion’s  user-provisioning  software  to  centrally  track  how  6,000  users  accessed 
applications. 

“It  cost  us  somewhere  between  $75,000  and  $100,000,  but  it  was  reasonable  enough 
to  fit  into  out  HIPAA  budget,”  says  Gillespie,  adding  upper  management  pays  close 
attention  to  meeting  HIPAA’s  security  rules  for  protecting  unauthorized  access  to 
patient  data. 

Eben  Berry  manager  of  IS  at  Network  Health,  a  healthcare  provider  in  Cambridge,  Mass., 
says  senior  management  within  his  organization  also  has  been  highly  focused  over  the  last 
year  on  meeting  HIPAA  security  regulations.  Although  he  won’t  release  specific  financial 
figures,  Berry  says  this  focus  helped  the  IT  department  get  almost  double  the  security  bud¬ 
get  it  had  before. 

“HIPAA  brought  the  visibility  up  to  senior  management,  and  we  made  five  additional 
purchases  for  security  purposes  that  probably  wouldn’t  have  been  on  the  radar  without  it,” 
Berry  says.  Network  Health  also  conducted  a  HIPAA  compliance  check-up  on  itself  using 
assessment  tools  from  Askia  and  Mag  Mutual’s  TurboCharge  HIPAA  Security 

Network  Health  also  recently  purchased  WholeSecurity’s  host  authentication,  eEye 
Digital  Security’s  Retina  scanner  and  SurfControl’s  Web  filter  product  to  restrict  access  to 
the  Web  and  lessen  the  chance  of  downloading  viruses  and  spyware. 

HIPAA  is  making  it  easier  for  Good  Samaritan  to  get  security  funding,  too,  according  to 
Chuck  Christian,  director  of  IS  at  the  1,000-employee  hospital  in  Vincennes,  Ind. 

Good  Samaritan  girded  for  HIPAA  security  by  getting  together  with  other  hospitals,  state 
government  regulators  and  attorneys  under  the  umbrella  of  the  Indiana  HIPAA  Task  Force, 
which  meets  once  a  month. 

To  improve  controls  on  access  to  applications,  Good  Samaritan  decided  to  deploy 
Imprivata’s  single  sign-on  software  and  appliance,  which  cost  about  $70.000.The  hospital 
is  also  looking  into  the  type  of  software  that  would  monitor  outbound  e-mail  and  other 
communication  to  make  sure  confidential  patient  data  isn’t  transmitted  over  the  Internet 
without  authorization.  “This  is  all  private  and  confidential  information,  and  we  need  to 
keep  it  that  way’  Christian  says.  ■ 
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Your  weapon:  CounterSpy  Enterprise. 
Centralized  spyware  eradication. 

COUnTEH 


Spyware:  the  new  number  one  enemy  for  IT. 

Recent  surveys  of  IT  specialists  show  that  spyware 
infections  have  reached  epidemic  proportions. 

Spyware  is  one  of  the  most  serious  security 
threats  and  productivity  killers  today.  It’s  insidious.  Its  creators  are 
well-financed,  relentless  and  remorseless.  For  the  enterprise,  com¬ 
mon  antispyware  can’t  cut  it. 
CounterSpy  Enterprise: 
Knock  out  spyware 
from  one  centralized 
location.  Company-wide 
spyware  management 
requires  a  real  enterprise 
product  with  centralized  management.  CounterSpy  Enterprise  is  just 
that:  a  scalable,  policy-based,  second-generation  antispyware  tool  built 
from  the  ground  up  by  and  for  system-  and  network  administrators  to 
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kill  spyware  quickly  and  easily. 
Powerful,  comprehensive  spyware 

Counterspy’s  scanning  engine  uses 
threat  signatures  from  multiple  sources  to  hunt 
down  and  delete  more  than  30  categories  of  spyware,  adware,  and 
other  malware.  Spyware  doesn’t  stand  a  chance.  We’ve  recruited 
an  army  to  combat  spyware.  New  spyware  comes  out  all  the  time. 
That’s  why,  in  addition  to  our  own  research  team,  we  have  CounterSpy 
ThreatNet™  Customers  of  our  consumer  version  report  new  potential 
threats  to  ThreatNet  for  analysis.  Then  we  propagate  new  threat  signa¬ 
tures  to  all  users— consumer  and  enterprise.  Sunbelt  combines  forces 
to  hit  spyware.  Hard.  Free  trial.  Find  out  how  many  machines  in 
your  organization  are  infected.  Scan  your  machines  for  free. 

Get  it  here:  www.sunbelt-software.com/csenww. 

SUNBELT  SOFTWARE 


Sunbelt  Software  Tel:  1-888-NTUTILS  (688-8457)  or  1-727-562-0101  Fax:1-727-562-5199  www.sunbelt-software.com  sales@sunbelt-software.com 


©  2005  Sunbelt  Software.  All  rights  reserved.  CounterSpy  and  ThreatNet  are  trademarks  of  Sunbelt  Software.  All  trademarks  used  are  owned  by  their  respective  companies. 


KVM  over  IP 


Web -based  access 


Eniov  the  mao  ic 


Cyclades  AlterPath™  KVM/net 
offers  a  unique  set  of  features: 

■  Server-based  authentication 

(NT  domain,  LDAP,  Secure  ID,  RADIUS,  TACACS+) 

■  16  and  32  port  models 

■  CAT5  cabling  up  to  500  feet 

■  User  access  logging 

■  System  event  syslog 

■  Integrated  power  management 


We've  worked  our  magic. 
Now  you  can  work  yours. 


Over  85%  of  Fortune  100 
choose  Cyclades. 

www.cyclades.com/nw 

1.888.cyclades  ■  sales@cyclades.com 


cyclades 


©2004  Cyclades  Corporation  AU  rights  reserved.  All  other  trodemorta  and  product  images  are  property  of  their  respective  owners.  ProdiKJ  IntecmoHcn  sokiert  10  art** 
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Ultimate  in  Workstation  Security 


Two-Factor  &  Single  Login  User  Authentication 

Configurable  Secure  Drive  for  Information  &  Application  Protection 

'raspy?  '  -  - 

Prevents  Unauthorized  Remote  Access  to  Servers  or  Accounts 

Tracking  and  Recovery  of  Lost  or  Stolen  Computers 

Privacy  Act  Compliance 

24  /  7  Security  Monitoring  &  Support  Center 

Over  8  Years  of  Proven  Success 


Contact  us  today  for  your  free  evaluation  copy! 


800.501 .4344 
www.thecyberangel.com 


©  1996-2005  CSS,  Inc.  Patented  Technology 
475  Metroplex  Drive  Suite  104  Nashville,  Tennessee  37211 
All  rights  reserved. 

Laptop  Courtesy  of  Overam.com. 
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How  much  can  your  network  analyzer  handle? 


Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.Ha/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every  site 
on  your  network  with  one  complete  solution.  Choose  Observer. 


-5ECUPI  tv  conTROi- Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 


RLERT- Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 


-  HE T  WORK  OMERLQRB-  Monitor  bandwidth  utilization,  access 

point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 
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US  &  Canada 


toll  free  800.526.5958 
fax  952.932.9545 


+44(0)1959569880 


www.networkinstruments.com/analyze 


Does  your  analyzer  cover  one  room  or 

thewh  e  house? 
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Raritan's  Dominion®  SX  is  here  and  you  won't  believe  the  impact 
it  has  on  your  incident  response,  problem  diagnosis  and  repair 
times.  With  so  many  more  features  than  the  competition,  your 
only  question  will  be  what  to  do  with  your  existing  serial  console 
servers.  We  have  some  ideas.  Come  to  our  site.  Tell  us  which 
weapon  to  use.  Sit  back  and  watch  the  fun.  When  you're  ready  to  take  control. 


Raritan 


www.nwfusion.com 
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A-  KVM  switch  allows  single  or  multiple 
‘workstations  to  have  local  or  remote  access  to 
.-'.’  .multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
^.''••-traditionally  provided  cost  savings  in  reducing 
•  energy,  and  equipment  costs  while  freeing  up 
valuable  real  estate. 
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Recognized  as  the  pioneer  of  KVM  switch 
.•••-•  technology,  Rose  Electronics  offers  the 
.  industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Rose  Electronics 

10707  Stancliff  Road 

Houston,  Texas  77099 

ROSE  US 

+281  933  7673 

ROSE  EUROPE 

+  44(0)  1264  850574 

ROSE  ASIA 

+  65  6324  2322 

ROSE  AUSTRALIA 

+  617  3388  1540 

UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 

•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 

•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand 
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TAP  into  Performance 

Monitor  mission-critical  links  with  the 
latest  technology  through  new  nTAPs 

Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  nTAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 


10/100/1000  Conversion  nTAP 

Copper  input  with  copper  or 
fiber  output  options 
Choose  your  analysis  output: 

SX . $1,995 

LX . $1,995 


Optical  Fiber  nTAP 

Multiple  split  ratios 

Choose  your  port  density: 

B  Sinale  channel . 

$395 

I  Four  channel . 

$1,795 

HP  Six  channel . 

$2,395 

To  learn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET -nTAP  today. 

Free  overnight  delivery* 
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"free  overnight  delivery  on  all  U.S.  orders  over  $300.00  confirmed  before  12  pm  CST. 

nTAP  and  the  nTAP  logo  are  trademarks  or  registered  trademarks  of  Network  Instruments,  U£. 
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*  renewed 


408.727,1122 
Fax:  408.727.8002 

343  1  DE  LA  CRUZ  BEVC 
WWW.RECURRENT.COM 
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SANTA  ELARA,  CA  95054 
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Server  Rack 
Cabinets  and  More 


' 

Small  low-profife  server  rack  cabinets  are  just  one  of  over 

2,000  items  on  the  ISC  website.  Browse  the  on-line  catalog 
and  choose  from  a  wide  array  of  computer  related  product 
solutions  for  today’s  workplace.  Order  on-line  or  call  for 
assistance  from  one  of  our  knowledgeable  account  managers. 


Visit  www.iscdfw.com  or  call  1-800-458-6255  for  more  information. 
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SERIOUS  EVENT  LOO  MANAGEMENT. 

WITHOUT  THE  BULL." 


Installing  some  of  today's  mega  management  software  packages  is  often 
like  unleashing  a  bull  in  a  china  shop,  or  at  least  in  your  network. 

This  is  why  Dorian  Software  Creations'  modular  approach  lets  you  decide 
and  deploy  the  event  log  management  strategy  that  works  best  for  you  and 
best  meets  your  needs. 

Look  to  Event  Archiver™  for  automated  log  collection,  Event  Analyst™  for 
log  filtering  and  reporting,  and  Event  Alarm™  to  monitor  your  log  files. 
Finally,  they  combine  to  provide  the  only  patent  pending  total  solution  for 
event  log  management,  without  the  bull. 
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Control  Power  on  Any  AC 

Powered  Device ... 

Via  Weis  Browser,  Telnet, 
Modem  or  Local  Terminal 
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Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1 U  and  2U  Models 

Web  Browser  Interface 
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WBnt  an  On-Line  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTI. 


Yes,  We  are  Customer  Friendly! 

s/  Two  Year  Warranty 
/  We  Stock  for  Same  Day  Shipment 
y'  30  Day  No-Fee  Return  Policy 
t/  Start-up  Cables  and  Rack  Kits  Included 
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western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 
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Across  a  PC,  1 

Mf.lt  Instantly  Search 
¥%n  Gigabytes  of  Text 
Metwork,  Intranet  or  Internet 

Publish  Large  Document  Collections  to  the  Web  or  to  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded  [inks,  formatting  &  flfffeTT&J 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email,  ZIP,  Unicode,  etc.) 
to  HTML  for  display  with  highlighted  hits 

“The  most  powerful  document  search 
tool  on  the  market”  -Wired  Magazine 

“Intuitive  and  austere ...  a  superb 
search  tool”  -PC  World 

“Blindingly  fast”  -Computer  Forensics: 

Incident  Response  Essentials 

“A  powerful  arsenal  of  search  tools” 

-The  New  York  Times 

dtSearch  “covers  all  data  sources ...  \ 
powerful  Web-based  engines”  -eWEEkl 

“Searches  at  blazing  speeds” 

-Computer  Reseller  News  Test  Center 

In  the  past  two  years,  over  half  of  the 
Fortune  15  purchased  dtSearch 
developer  or  network  licenses. 

See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 

sales@dtsearch.com 


♦  from  $2,500 


♦  from  $800 


The  Smart  Choice  for  Text  Retrieval*  since  1991 
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Reading  someone 
else's  issue  of 

NetworkWorld? 

Subscribe  today  and  receive  your  own 
1-year  subscription  for  FREE  - 

a  $129.00  value! 


Go  to  http://subscribenw.com/mynw  for  your  free  subscription. 


Buying,  Selling  and  Leasing  Since  1981 
Cisco  Systems 

800-699-9722 
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IT  investment 

Where  manufacturers  invested  their  IT  budgets  last  year: 


Staff  and  training 

24%  - 


Applications 

19% - 


SOURCE:  AMR  RESEARCH 


Third-party  IT  services 
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Network/telecom 
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Software 

infrastructure 

technology 
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Computer 

hardware 
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Manufacturers 

continued  from  page  1 

closer  to  where  demand  and 
supply  are  more  synchronous,” 
says  Bob  Parker,  an  analyst  with 
IDC.  “We’re  seeing  the  emer¬ 
gence  of  RFID  and  sensor  net¬ 
works  as  the  means  for  collect¬ 
ing  the  kind  of  data  that  is  need¬ 
ed  to  make  this  synchronization 
happen.” 

Among  those  moving  in  this 
direction  is  General  Motors, 
which  has  deployed  RFID,  802.1 1 
and  sensor  networks  in  several 
plants. 

“The  goal  isn’t  just  to  merge 
manufacturing  plants  with  IT 
[infrastructure] ’’says  Pulak  Ban- 
dyopadhyay  group  manager  for 
plant  floor  systems  and  control 
group  in  General  Motor’s  Manu¬ 
facturing  Systems  Research  Lab 
in  Warren,  Mich.  “It’s  the  collec¬ 
tion  of  real-time  data  and  what 
you  do  with  that  data  you’ve  col¬ 
lected.” 

Part  of  General  Motors’  move 
toward  IT/shop  floor  integration 
has  been  the  deployment  of 
standard  Ethernet  and  IP  as  a 
backbone  technology  for  con¬ 
necting  most  factory  equipment 
and  assembly  line  systems. 

“We’ve  been  trying  to  get  rid  of 
separate  control  networks  for 
everything,”  Bandyopadhyay 
says.“Everything  now  is  connect¬ 


ed  to  an  Ethernet  backbone.” 

Now  the  automaker  is  looking 
toward  802.1 1  technology  in  fac¬ 
tories  to  support  technicians 
using  wireless  PCs  and  PDAs  on 
the  shop  floor.  GM  is  also  deploy¬ 
ing  sensor  networks,  which  use 
tiny  nodes  that  can  monitor  a 
process  or  device  and  send  data 
to  a  computer  via  a  wireless 
mesh  —  in  which  each  sensor 
point  is  also  a  mini  switch  that 
can  send  data  to  and  receive  it 
from  any  point  on  the  plant  floor. 
Deploying  sensors  on  machinery 
could  help  GM  technicians  get 
more  data  on  why  a  machine 
broke  down  and  to  repair  equip¬ 
ment  faster.  Tying  these  sensor 


networks  to  back-end  systems 
also  could  help  predict  when  a 
machine  is  likely  to  fail. 

“We  spend  over  $1  billion  a 
year  in  maintenance  on  our  fac¬ 
tories,”  Bandyopadhyay  says.  “If 
we  have  real-time  systems  that 
can  track  mean  time  to  failure 
on  a  piece  of  equipment,  that 
can  help  us.” 

GM  is  also  using  a  mix  of  wired 
Ethernet,  802.11  access  points 
and  RFID  to  track  parts  in  some 
plants  —  all  the  way  from  sup¬ 
pliers  to  each  stage  of  manufac¬ 
turing.  This  gives  the  company  a 
more  exact  picture  of  how  far 
along  a  car  is  in  the  production 
cycle. 


For  GM,  the  ultimate  business 
driver  for  integrating  real-time 
data  from  plants,  logistics  and 
other  areas  of  the  supply  chain 
is  a  bit  more  radical. 
Bandyopadhyay  says  he  wants 
GM’s  networks  to  be  integrated 
to  the  point  where  communica¬ 
tions  with  dealerships,  logistics 
and  manufacturing  can  turn  the 
traditional  model  of  manufac¬ 
turing  on  its  head;  instead  of 
making  cars  based  on  forecasts 
of  what  buyers  want,  GM  will 
make  cars  based  on  what  auto 
consumers  want  now.  But  this  is 
still  a  way  off. 

“Getting  information  on  what 
people  want  out  of  the  dealer¬ 
ships  and  making  changes  to  the 
manufacturing  process  on  the  fly 
is  still  a  work  in  progress,”  Bandy¬ 
opadhyay  says.  “When  you  con¬ 
nect  all  of  this  together,  that’s 
where  the  big  payoff  is.” 

Other  manufacturing  IT  pros 
question  how  far  a  plant  should 
go  in  putting  critical  processes 
on  the  same  network,  or  cutting 
the  cord  and  going  wireless. 

The  efficiencies  of  a  single  IP 

Manufacturing 

money 

Manufacturers 
spent  around 

$77 

billion 

on  IT  in  2004,  a  5% 
jump  from  the 
previous  year. 

SOURCE:  IDC 


network  and  wireless  are  attrac¬ 
tive,  says  Scott  Buettner,  project 
manager  of  information  services 
for  Honda  of  America  Manufac¬ 
turing,  in  Anna,  Ohio.  But  there 
are  concerns,  such  as  a  failure  of 
an  IP  switch  or  router  causing 
stoppages  on  an  assembly  line. 

And  with  wireless,  things  might 
get  even  scarier. 

“If  an  application  is  mission 
critical  and  relies  on  a  wireless 
connection  that  is  susceptible  to 
interference,  then  that  is  a  safety 
issue,”  he  says.  In  a  scenario 
where  a  piece  of  heavy  equip¬ 
ment  is  being  operated  via  a 
wireless  control,  “maybe  a  1,000- 
pound  die  is  being  moved  by 
a  crane  . . .  then  someone  comes 
along,  working  on  a  spreadsheet 
on  their  wireless  laptop,  and  the 
signals  interfere  with  each  other. 


Best-case  scenario,  the  person 
with  the  laptop  loses  their 
work.  .  .worst  case,  maybe  the 
[crane  controls]  fail  and  the  die 
falls  on  that  person’s  head.” 

The  collection  of  real-time  data 

—  whether  through  wired  or 
wireless  network  infrastructure 

—  poses  another  dilemma  for 
manufacturers;  the  sheer 
amount  of  data  collected  from 
factories,  warehouses,  suppliers 
and  distribution  facilities  can 
become  unwieldy  and  difficult 
to  parse. 

“You’ve  got  massive  amounts  of 
data  coming  into  management 
these  days,”  says  Gary  Matula, 
CIO  at  Molex,  a  manufacturer  of 
electrical  plugs,  cabling  and 
electronics  components.  Beyond 
the  challenges  of  collecting  fac¬ 
tory  data  are  the  issues  of  mak¬ 
ing  sense  of  it  and  putting  the 
information  to  use. 

“We’re  pushing  them  to  make 
more  decisions  based  on  data,” 
Matula  says.  “But  when  you  deal 
with  people  who  have  been  in 
the  industry  a  long  time,  they 
think  they  have  all  the  experi¬ 
ence  in  the  world.” 

Even  smaller  companies  are 
becoming  more  efficient  with 
integrating  back-end  IT  systems 
with  plant  floor  operations.  Weil- 
McLain,  a  maker  of  home  heat¬ 
ing  systems,  recently  moved  its 
plant  from  Michigan  CityInd,,to 
Eden,  N.C.The  company  moved 
from  a  plant  with  older,  inflexi¬ 
ble  production  lines  to  a  mod¬ 
ernized  factory.  At  the  same 
time,  it  rolled  out  software  from 
J.D.  Edwards  (now  owned  by 
Oracle)  to  revamp  its  back-end 
processes. 

“We’re  basically  moving  from 
the  dark  ages  of  technology  on 
the  plant  floor  and  spreadsheets 
to  manage  everything,  to 
demand-flow  manufacturing,” 
says  Tony  Bauschka,  director  of 
IT. 

Instead  of  building  boilers 
based  on  forecasts  computed  in 
spreadsheets,  the  software  ties 
the  company’s  sales  order  sys¬ 
tem  into  the  factory  production 
schedule;  the  only  boilers  that 
are  built  are  ones  that  have  been 
sold  already.  The  software  also 
streamlines  how  bills  of  materi¬ 
als  and  assembly  instructions 
are  passed  from  the  design 
applications  to  the  plant  floor. 
For  example,  Weil-McLain  has 
gone  from  text-based  work 
instructions  to  visual-based 
assembly  guides  for  workers.  All 
of  these  improvements  have 
allowed  the  company  to  reduce 
lead  times  from  three  weeks  to 
eight  days,  Bauschka  says.  ■ 


Oracle,  SAP  duke  it  out  over 
retail  app  maker  Retek 


■  BY  ANN  BEDNARZ 

A  battle  for  retail  software  maker  Retek  ignited  last 
week  when  Oracle  bested  rival  SAP’s  $496  million 
offer  for  the  firm.  Up  for  grabs  is  the  Minneapolis 
company’s  retail  industry  expertise  and  credibility 
with  retail  companies  —  something  Oracle  needs 
more  than  SARanalysts  say. 

Oracle  offered  $9  per  share  for  Retek,  while  SAP  a 
week  earlier  agreed  to  pay  $8.50  per  share.  Retek 
sells  a  broad  range  of  retail-focused  applications, 
including  software  for  operations  management,  sup¬ 
ply  chain  planning,  merchandising  and  demand 
forecasting. 

SAP  has  decent  retail  applications  already  — 
acquiring  Retek  would  ensure  long-term  domi¬ 
nance  in  the  enterprise  retail  software  market,  says 
Scott  Langdoc,  a  vice  president  at  AMR  Research. 
Oracle,  on  the  other  hand,  doesn’t  have  a  cohesive 
retail  applications  strategy  and  can’t  afford  to  let  the 
gap  with  SAP  widen,  Langdoc  says. 

Oracle’s  offer  caps  a  deal  that  has  been  several 
months  in  the  making,  according  to  executives.  The 
two  companies  began  discussions  last  fall,  but 
Oracle  put  its  Retek  efforts  on  hold  during  its  pursuit 
of  BeopieSoft.  “We  were  a  bit  distracted  with  the 


PeopleSoft  integration  process.  When  SAP  made 
their  bid,  we  decided  to  counter]’ said  Larry  Ellison, 
Oracle’s  CEO,  in  a  conference  call  with  analysts. 

An  Oracle  purchase  of  Retek  would  be  less  dis¬ 
ruptive  to  customers  than  an  SAP  purchase,  particu¬ 
larly  since  there’s  little  to  no  product  overlap  be¬ 
tween  the  Retek  and  Oracle  application  suites,  says 
Paula  Rosenblum,  director  of  retail  research  at 
Aberdeen  Group.  However,  Oracle  already  is  focused 
on  integrating  BeopieSoft  and  JD  Edwards,  which 
means  an  Oracle  purchase  isn’t  likely  to  alleviate 
any  of  the  challenges  Retek  users  face  today  —  such 
as  expensive  application  installations  and  difficult 
upgrades,  Rosenblum  wrote  in  a  research  brief. 

While  an  Oracle  win  would  provide  a  cleaner  inte¬ 
gration  path,  an  SAP  win  would  create  a  broader 
footprint  and  global  reach  by  combining  the  two 
companies’  current  product  development  and  sales 
assets,  according  to  AMR  Research. 

AMR’s  Langdoc  doesn’t  expect  SAP  to  cave  in  with¬ 
out  a  fight,  though  the  Walldorf,  Germany  software 
giant  is  mum  so  far  on  any  counteroffer  plans.  For 
Retek,  the  problem  with  a  prolonged  fight  is  that  it’s 
already  in  a  tough  situation  financially  and  opera¬ 
tionally,  and  the  bidding  saga  has  all  but  halted  its 
sales  cycles,  Langdoc  says.B 
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Students  at  Thomas  Jefferson  High  School  in  Alexandria,  Va.,  hard  at  work 
in  the  school's  high-tech  lab. 


School 

continued  from  page  1 

network  file  servers.  A  weekend 
in  February  found  Livingston 
and  other  lab  groupies  sending 
native  IPv6  packets  over  the  high 
school’s  connection  to  Network 
Virginia,  a  broadband  network 
that  links  Virginia’s  colleges  and 
community  colleges. 

“We’re  the  only  institution  be 
sides  Virginia  Tech  that’s  running 
native  IPv6  on  Network  Virginia,” 
Livingston  brags.  (IPv6  is  an 
upgrade  to  the  Internet’s  main 
protocol,  IPv4.) 

TJ  is  an  elite  public  high 
school  that  attracts  top  math  and 
science  students  from  across 
northern  Virginia.The  average 
GPA  is  3.8.The  average  SAT  score 
is  1478.TJ  has  12  cutting-edge 
research  laboratories,  including 
astronomy  biotechnology  and 
robotics  as  well  as  computers. 

“In  my  opinion,  it’s  the  best 
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public  high  school  in  the  nation,” 
says  Marilee  Jones,  admissions 
director  at  the  Massachusetts 
Institute  of  Technology  (MIT), 
which  accepts  as  many  as  20  TJ 
students  each  year. “All  their  pro¬ 
grams  are  strong ...  but  they  have 
such  excellent,  excellent  teach¬ 
ers  there  in  computer  science.” 

TJ’s  four-year  computer  science 
program  includes  courses  in  arti¬ 
ficial  intelligence  and  supercom¬ 
puter  applications.  Most  gradu¬ 
ates  of  this  intensive  program 
end  up  majoring  in  computer 
science  or  engineering  at  presti¬ 
gious  universities  such  as  MIT  or 
Carnegie  Mellon.  From  there  it’s 
on  to  graduate  school  or  posi¬ 
tions  at  technology  powerhouses 
such  as  Cisco,  Microsoft  or  gov¬ 
ernment  contractor  Mitre. 

Each  year,  about  60  of  the 
school’s  420  seniors  graduate 
from  the  school’s  computer  sci¬ 
ence  program. 

What’s  special  about  TJ’s  com- 
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puter  science  program  is  its 
hands-on  approach.The  students 
design  and  maintain  the  school’s 
Web  site  —  www.tjhsst. 
edu  —  as  well  as  the  intranet  stu¬ 
dents  use  to  send  e-mail  and 
record  their  attendance  at 
extracurricular  activities  available 
during  the  eighth  period.  Rather 
than  taking  Linux  programming 
classes,  students  learn  Linux  by 
maintaining  and  upgrading  pro¬ 
duction  network  servers. 

“We  have  kids  here  who  have 
been  programming  since  age  4,” 
says  Richard  Washer,  an  educa¬ 
tion  technology  and  integration 
specialist  with  TJ. 

Each  year,TJ  administrators 
select  a  handful  of  computer  sci¬ 
ence  students  to  act  as  systems 
administrators  for  the  lab. These 
students  operate  and  maintain 
all  the  lab’s  computing  gear,  in¬ 
cluding  40  workstations,  one  Pen¬ 
tium  cluster,  one  MIPS  cluster,  10 
Intel-based  servers,  a  Sun  server, 
a  Cray  supercomputer  and  a 
Cisco  Catalyst  4006  with  several 
blades. 

“When  the  lab  has  a  computer 
problem,  if  the  students  can’t 
solve  it  only  then  does  it  go  to 
the  IT  department,”  says  Peter 
Morasca,  network  engineer  at  TJ. 

Seniors  pass  down  their  institu¬ 
tional  knowledge  about  the  sys¬ 
tems  in  the  lab  and  how  they 
work  to  juniors  corning  up 
behind  them.  - 

“The  adults  don’t  know  how 
this  stuff  works,”  says  Joshua 
Strong,  the  division  manager  of 
science  and  technology  at  TJ. 
Strong’s  background  is  in  run¬ 
ning  IT  systems  for  school  dis- 
tricts.“It  scared  the  bejesus  out 
of  me  when  I  first  got  here”  two 
years  ago,  he  says. 

In  recent  years, TJ  has  added 
a  real-world  IT  support  philoso¬ 
phy  to  the  operation  of  its 
Computer  Systems  Lab. 
Students  are  taught  not  only 
how  to  install  a  new  server  or 
router  onto  a  network  but  also 
how  to  do  the  proper  testing 
to  ensure  that  the  network 
stays  up  and  running  during 
the  process. 

“We’re  telling  them  that  five  or 
six  nines  [of  reliability]  is  the 
goal.The  goal  is  not  to  be  pulled 
out  of  class  to  fix  a  computer 
problem,”  Strong  says. 

One  of  the  biggest  projects  TJ 
students  are  working  on  now  is 
revising  the  school’s  intranet, 
which  grew  out  of  a  senior 
research  project  conducted  sev¬ 
eral  years  ago. The  intranet  is 
based  on  PHP  scripting  lan¬ 
guage,  uses  the  open  source 
database  MySQL  and  runs  on  a 


Linux  server. 

“There  are  hundreds  of  lines 
of  code  but  no  documentation,” 
says  Dan  Tran,  a  17-year-old 
junior  who  is  leading  the  20  stu¬ 
dents  involved  in  this  effort. 
“What  we’re  trying  to  do  now  is 
keep  all  the  features  but  put 
them  in  a  modularized  format.” 

The  intranet  redesign  effort  has 
been  code-named  Iodine  —  a 
bit  of  scientific  humor  from  a 
student  taking  advanced  chem¬ 
istry  classes.  (Iodine’s  chemical 
representation  is  12,  which  also 
stands  for  Intranet  2.) 

ForTJ  students,  being  involved 
with  Iodine  is  a  chance  to  hone 
Web  development  skills. 

“I’m  in  here  most  of  my  free 
time,”  says  Tran,  who  has  remote 
access  to  the  lab  systems  so  he 
also  can  work  on  this  project 
from  home.Tm  doing  this  for 
fun,  but  also  for  the  prestige  and 
the  experience.” 

For  administrators,  Iodine  gives 
the  school  a  much-needed  safety 
net  to  ensure  the  intranet  appli¬ 
cations  that  students  use  on  a 
daily  basis  can  continue  to  be 
maintained  and  upgraded.  It’s  a 
similar  challenge  to  what  any 
network  manager  faces  with  an 
aging,  homegrown  application, 
Strong  says. 

“The  students  here  end  up 
mimicking  life  in  this  very  small 
enterprise,”  Strong  says. 

With  its  powerful  computers 
and  hands-on  philosophy  TJ’s 
Computer  Systems  Lab  attracts 
like-minded  students,  who  start 
hanging  out  here  as  freshman  to 
pay  homage  to  the  on-site  super- 
computer.’The  kids  come  in 
here  and  find  a  home,"  he  says. 

The  school  isn’t  entirely  about 
technology  It  has  highly  ranked 
sports  teams  (bumper  stickers 
read:“i  go  to  TJ  for  the  sports”), 
and  students  participate  in 
activities  such  as  band  as  they 
might  at  any  other  school.  But 


many  of  the  computer  science 
students  are  single-minded. 

Senior  Kyle  Moffett  estimates 
that  he  spends  about  20  hours  a 
week  as  one  of  the  lab’s  systems 
administrators.  Moffett  works 
closely  with  Livingston  to  main¬ 
tain  the  workstations  in  the  lab 
and  redesign  a  pair  of  network 
servers.They  also  are  working  to 
develop  an  API  library  that  per¬ 
forms  some  of  the  functions  of 
the  operating  system  kernel  and 
can  be  used  for  testing  purposes. 

“I  have  three  computer  sys¬ 
tems  in  my  bedroom:  a  desktop, 
a  server  and  a  router,”  says  the 
18-year-old  Moffett.  He’ll  attend 
Virginia  Tech  next  year  because 
he’s  a  Mac  fan,  and  Virginia  Tech 
has  a  cluster  of  1,100  Power  Mac 
G5s  in  itsTerascale  Facility 

Senior  Susan  Ditmore  is  willing 
to  roll  up  her  sleeves  and  do 
“whatever  the  systems  adminis¬ 
trators  ask  or  need  help  with”  in 
the  lab,  she  says. 

For  her  senior  research  project, 
17-year-old  Ditmore  has  built  a 
cluster  of  Pentium  II  machines. 

“They’re  really  old,  but  if  you 
stick  25  of  them  together  you 
get  a  lot  of  performance,”  she 
says.They’re  pretty  reliable,  too.” 

Ditmore  chuckles  when  asked 
about  the  network  she  runs  at 
home. 

“I  have  six  computers  in  my 
bedroom,  four  running  Linux,” 
she  says.“My  parents  insisted  that 
we  get  two  separate  Internet  con¬ 
nections  so  I  wouldn’t  get  into 
theirs,  but  of  course  I  can  get  in 
if  I  want.They  can’t  maintain 
their  systems.”  ■ 
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The  net  behind  the  students 

Students  at  Thomas  Jefferson  High  School  for  Science 
and  Technology  have  access  to  top-notch  networks. 

The  Alexandria,  Va.,  school  boasts  100M  bit/sec  con¬ 
nections  for  all  its  workstations,  which  are  used  to  analyze 
and  model  data  for  classes  ranging  from  CAD  to  geosciences. 
Altogether,  the  school’s  LAN  has  1,000  nodes. 

The  school  has  three T-1  connections  to  the  Internet  and  a 
link  to  Internet2,  a  high-speed  backbone  operated  by  the 
nation's  colleges  and  universities.  AT-3  connection,  which  was 
eliminated  a  year  ago  because  of  budget  cuts,  will  be  re¬ 
installed  this  summer. 

A  wireless  LAN  lets  students  roam  the  school  using  laptops, 
but  most  of  the  computer  science  aficionados  prefer  speedier 
wired  connections.  Students  who  volunteer  in  the  Computer 
Systems  Lab  also  can  get  experience  with  H.323  videoconfer¬ 
encing  and  ATM. 

—  Carolyn  Duffy  Marsan 


■  Network  World,  118  Turnpike  Road, 


Not  so  smart  technology?  Smart  readers 

Last  week’s  column  about  the 
use  of  radio  frequency  identifi¬ 
cation  badges  in  schools  gen¬ 
erated  a  lot  of  thoughtful  reader 
feedback.  A  few  common  themes 
came  up  so  I  thought  I’d  start  this 
week  by  addressing  what  you  see  as 
the  major  issues. 

The  first  concern  respondents  raised  was  about 
the  practicality  of  tracking  students  to  thwart  van¬ 
dalism.  Reader  Nick  Fotopoulos  said:” [How] 
would  the  RFID  tags  help  in  these  vandalism 
cases?  No  one  is  going  to  go  do  graffiti  on  the  wall 
of  the  school  wearing  their  RFID  tag.  If  anything 
they  are  going  to  take  another  kid’s  tag  and  wear  it 
while  they  do  it,  or  just  neglect  to  wear  it  at  all.  If 
they  are  dumb  enough  to  wear  their  tag  while  van¬ 
dalizing  the  school  then  they  would  have  been 
caught  anyway!’ 

I  replied:  I  suspect  that  use  of  tags  would  be  more 
of  a  deterrent.  As  for  kids  not  wearing  tags,  a  well- 
designed  system  would  detect  someone  walking 
past  a  checkpoint  who  didn’t  have  a  tag. 

Stolen  tags  would  be  easily  dealt  with  —  students 
whose  tags  were  stolen  would  be  required  to  report 
the  theft  immediately  on  realizing  their  tags  were 
lost.  If  their  tags  were  misappropriated,  there  would 
be  plenty  of  evidence  as  to  how  their  tags  and  the 


thief’s  tags  were  being  used. 

Making  a  system  like  this  anything  near  perfect 
would  be  difficult,  not  to  mention  very  expensive, 
but  the  system  would  deliver  increased  account¬ 
ability  for  students  and  staff,  and  would  make  mis¬ 
behavior  harder  to  get  away  with. 

Note  also  that  human  involvement  is  always 
required.  Even  the  automated  roll  call  needs 
human  supervision  to  work  properly:  Count  the 
bodies.  More  tags  than  bodies?  Alert!  Less  bodies? 
Alert!  Wait,  Bobby’s  tag  is  here,  Steve’s  isn’t,  but  Steve 
is  here?  Alert! 

This  is  not  a  foolproof  or  even  bad-guy-proof  sys¬ 
tem;  it  would  exist  to  augment  procedure  rather 
than  being  a  wholesale  replacement. 

Fotopoulos  also  raised  the  second  common 
objection:”  [Who]  exactly  is  going  to  be  inside  a 
burning  school  messing  with  the  RFID  tracking  sys¬ 
tem  looking  for  students?  Firefighters,  I’m  certain, 
would  prefer  walking  through  the  school  looking 
around  rather  than  rely  on  a  system  that  may  be 
malfunctioning  due  to  the  fire  they  are  fighting.” 

In  real  life  it  might  work  this  way:  Alarm  sounds, 
children  leave  the  building. Teachers  run  roll  call. 
According  to  the  start-of-day  roll  call,  Bobby’s  at 
school  but  now  he’s  not  with  his  class.  The  tag  sys¬ 
tem  says  he’s  in  the  building. 

Now  whether  Bobby  is  in  the  building  or  with  the 


wrong  group,  under  normal  conditions  firefighters 
would  enter  the  building  to  try  to  find  him  if  he 
couldn’t  be  found  outside. 

If  the  tag  system  is  working,  the  child’s  last  loca¬ 
tion  will  be  known,  a  better  bet  for  the  firefighters 
to  succeed  than  if  the  tag  wasn’t  in  use.  Without  the 
tag  system,  where  would  they  start  in  a  large 
school? 

Many  of  you  also  voiced  concerns  about  “Big 
Brotherism”and  indoctrinating  children  into  accept¬ 
ing  surveillance. Your  concern  is  valid,  but  just  con¬ 
sider  how  much  significance  this  would  have  given 
the  monitoring  and  surveillance  that  you,  as  an 
adult,  have  accepted  with  hardly  a  murmur. 

This  type  of  solution  is  not  another  erosion  of  our 
freedoms  in  the  sense  of  a  surrendering  of  civil  liber¬ 
ties  and/or  personal  autonomy  and  accountability 
What  it  should  be  is  an  attempt  to  be  organized,  to 
be  care  taking,  and  to  be  responsible. 

Sure,  there’s  opportunity  for  abuse  and  for  ram¬ 
pant  bureaucracy  to  misuse  the  system,  but  that  is 
where  school  boards,  parents  and  IT  professionals 
come  in:  We’re  the  people  who  can  make  such  tech¬ 
nologies  and  systems  work  to  make  things  better. 

Tell  me  how  at  backspin@gibbs.com.  Also,  we’re 
involved  in  a  Gearblog,  so  check  out  our  postings  at 
www.nwfusion.com,  DocFinder:  6253. 
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By  Paul  McNamara 


Intelligence  you  can  use 

Here's  the  high-minded  reason  for 
today’s  column:  Major  corporations  like 
yours  rely  on  business-intelligence  software  such  as  that  provided  by  SAS  to  dis¬ 
cover  competitive  advantages  in  an  increasingly  cutthroat  business  world. 

Here’s  the  real  reason:  I  know  that  your  time  for  such  weighty  work  matters  is 
limited  today  by  a  more  pressing  need  to  find  competitive  advantage  in  your  cut¬ 
throat  March  Madness  office  pool. The  sooner  we  can  complete  your  brackets  the 
sooner  your  mind  can  return  to  the  business  of  business. 

First  the  background:  Jay  Coleman,  an  operations  management  prof essor  at  the 
University  of  North  Florida,  and  Allen  Lynch,  an  economics  professor  at  Mercer 
University,  have  been  making  a  name  for  themselves  among  basketball  fans  for  the 
past  dozen  years  by  using  SAS  business-intelligence  software  to  predict  the  field 
of  participants  in  the  annual  NCAA  tournamentThey  claim  their  model  has  cor¬ 
rectly  picked  94%  of  the  at-large  teams,  or  those  schools  that  do  not  qualify  by  win¬ 
ning  conference  championships.  You  can  read  the  nitty-gritty  at  www.dancecard. 
unf.edu  and  see  how  they  did  in  divining  the  brackets  announced  yesterday. 

So  how  might  that  94%  rate  compare  with  that  of  any  good  sportswriter? 

"Probably  about  the  same,”  Coleman  concedes.  "What  we  bring  to  the  table  is 
that  we  can  be  as  accurate  without  consulting  the  expert  and  without  really  taking 
the  time  to  watch  basketball  games  and  pore  over  statistics,”  he  says.  “That’s  one 
of  the  things  that  a  model  or  a  formula  can  do  for  you  that  in  a  business  setting 
might  actually  allow  you  to  free  up  managerial  time.” 

Right,  right,  business  setting,  managerial  time  . . .  what  else  do  they  have  that 
might  actually  allow  us  to  free  up  a  few  of  the  dollars  from  our  office  pool?  Well, 
this  year  for  the  first  time  Coleman  and  Lynch  are  turning  their  model  loose  on 
what  really  matters:  who's  going  to  win  the  games. 

"We’re  going  to  give  it  a  shot,”  Coleman  says. They’ve  rejiggered  the  variables 


they  use  to  pick  the  participants  so  as  to  produce  “maximum  likelihood  estimation 
processes,”  or  in  English,  pick  winners. 

“One  thing  that  is  quite  interesting  is  that  the  things  that  seem  to  matter  on 
who’s  actually  going  to  win  a  game  are  not  the  same  things  that  the  [NCAA  selec¬ 
tion]  committee  looks  at  when  it  decides  who’s  going  to  get  in  the  tournament,” 
Coleman  says. 

According  to  the  academics'  analysis,  the  selection  committee  relies  most  heav¬ 
ily  on  a  half-dozen  factors,  including  a  team's  Ratings  Percentage  Index  (RPS) 
ranking,  conference  record,  and  record  against  Top  25  teams.  But  do  not  follow  the 
committee's  lead  when  completing  your  brackets. 

What  does  matter? 

First  up  is  the  power,  relatively  speaking,  of  the  conference  from  which  a  team 
arrives  in  the  tournament. 

That  might  seem  painfully  obvious  to  some,  but  the  selection  committee  appar¬ 
ently  does  not  consider  relative  conference  strength  in  choosing  tourney  partici¬ 
pants,  according  to  the  professors'  analysis.  You  should 

The  second  key  to  picking  winners  is  to  favor  those  teams  that  topped  their  con¬ 
ference  regular- season  standings,  not  those  that  won  their  post-season  confer¬ 
ence  tournaments,  as  conventional  wisdom  often  holds.  "It's  not  the  hot  team,  it's 
how  did  you  do  over  the  bigger  sample  size  of  the  whole  season,”  Coleman  says. 

And  then  there’s  this  utterly  strange  X-facton  non-conference  wins  and  losses. 

“The  weird  thing  here  is  the  worse  you  do  out  of  conference,  the  better  your  shot 
at  winning  a  game  in  the  tournament,”  Coleman  says.  “It  is  strange  and  it  may  be 
spurious;  we  worry  about  that  when  we  do  quantitative  analysis." 

What  it  might  mean  is  that  such  teams  are  battle-hardened  come  tourney  time. 

There  you  have  it:The  software  says  you  should  pick  teams  from  powerful  con¬ 
ferences  that  won  regular- season  titles  and  lost  their  fair  share  of  non-conference 
games.  Now  back  to  work. 

Don’t  blame  me  if  they’re  wrong.  Tne  address  is  buzz@nww.com. 


Your  potential.  Our 

Microsoft 


BizTalk  Server  2004  named  InfoWorld's 
best  Process  Automation  Solution. 


Get  the  story  or  enlist  a  Microsoft  Certified 
Partner  at  microsoft.com/biztalk 


Microsoft 


Windows 


Most  applications  and  protocols  were  designed  to  fun  locally.  Over  a  WAN,  they  grind  to  a  bolt 
That's  why  Riverbed  developed  a  solution  built  on  ladicoily  new,  patent-pending  technology  that 
actually  delivers  LAN-like  performance-  across  your  WAN  Even  for  chatty  applications  that  can 
break  down  across  the  most  robust  networks. 

Riverbed's  proven  solution  allows  your  enterprise  to  consolidate  IT  infrastructure:  at  the  data 
iter,  optimize  your  bandwidth  usage,  and  still  deliver  applications  and  data  over  your  WAN  - 
at  speeds  that  make  remote  data  f .  ;l  local 

We're  so  confident  that  Riverbed  can  impiove  youi  WAN:  application 
performance,  we'll  even  let  you  try  it  for  30  days,  lisk-fiee  Call 
us  at  1 -87-RIVERBED  to  get  started  right  away,  01  visit 

www.rivc bed.com/NVV  today 


